Senior FBI official reveals foreign state-backed hackers have targeted Coronavirus research

  • While the cybersecurity issues have increased after the Coronavirus outbreak, threat actors picked this critical time to run their illegal work

  • Now, these hackers are targeting research on COVID-19 treatment

While the world recorded over 2,158,000 Coronavirus cases and more than 144,000 fatalities, scientists are desperately looking for a vaccine that will cure COVID-19 patients. But not everyone wants this process to be successful as a senior cybersecurity official at the Federal Bureau of Investigation (FBI) has revealed that hackers have broken into biotech companies which are researching on Coronavirus treatment.

During an online panel discussion hosted by Aspen Institute on Thursday, FBI Deputy Assistant Director Tonya Ugoretz told participants that the bureau had recently seen state-backed hackers trying to breach into a series of healthcare and research institutions. Ugoretz said, "We certainly have seen reconnaissance activity, and some intrusions, into some of those institutions, especially those that have publicly identified themselves as working on COVID-related research."

Cybersecurity Reuters

Cybersecurity in healthcare

As per Ugoretz, such kind of threat makes these institutions as a mark for other nation-states that are interested in finding out details about what exactly they're doing and maybe even stealing proprietary information that those health institutions have.

Even though she did not reveal the origin of these hacking activities or which country is behind such cybersecurity threats, she said that the state-backed hackers had often targeted biopharmaceutical industry but it is certainly heightened during the Coronavirus crisis.

Bill Evanina, Director of the National Counterintelligence and Security Center also said that medical research organizations and those who work for them should be vigilant against such threat actors who are seeking to steal intellectual property or other sensitive data related to US' response to the COVID19 pandemic. Evanina also mentioned that "Now is the time to protect the critical research you're conducting."

Cybersecurity activities during Coronavirus pandemic

A few days ago authorities in Moscow, the worst-hit area, blamed hackers for bringing down a new website meant to issue travel permits to the city's residents to use during the coronavirus lockdown in Russia. It should be noted that Eduard Lysenko, a Moscow city official, told the Ekho Moskvy radio station that along with the new website, Moscow government's website had been hit by more hacking attacks overnight than during the last six months combined.

In another case, reports revealed that cybercriminals have been using the dark web while claiming to sell blood and saliva samples of a Coronavirus infected person. A scam advertisement was found in the dark web market site called Own Shop that claimed to offer the blood for a hefty price tag of $1000.

It should be noted that last month, cyber-security firm QiAnXin found that one of the first state-sponsored attacks using Coronavirus-themed emails came from the Hades Group and believes that the group was working from Russia. As mentioned by the cybersecurity firm the group of cybercriminals also had a tie-up with the notorious group, APT28, codenamed Fancy Bear.

Recently, Chinese tech security company 360 Security Technology told the Global Times that they have evidence that India-based threat actors attacked medical organisations through a "phishing scheme" sent by email. Even though the company didn't share the evidence or specific examples of the cyber attack, they said, "Cases have shown that an Advance Persistent Threat (APT) from India is trying to attack Chinese medical organisations through a phishing scheme sent by email."

Related topics : Coronavirus Cybersecurity