State-Sponsored APTs Run Rampant After COVID-19 Research

The COVID-19 pandemic has unleashed a multitude of cyberattacks, impacting firms across different sectors. While a significant number of these attacks seen in the wild are executed using related themes, there is an array of attacks targeting medical research organizations and vaccine developers.

What’s happening?

As the requirement for healthcare organizations and pharmaceutical companies during the pandemic increases more than ever, APT groups are ramping up their attacks on these institutions to pilfer information about vaccine research and treatments. A huge chunk of these attacks are launched by state-sponsored hackers.
  • Throwing light on the trend, Microsoft revealed that three-nation state actors are actively attempting to hack at least seven companies involved in COVID-19 vaccine research. The three threat actor groups are tracked as the Lazarus Group from North Korea, Russia’s Fancy Bear, and another North Korea-linked group called Cerium.
  • The affected companies are located in Canada, France, India, South Korea, and the U.S.
  • The series of attacks represent just the latest in a long line of incidents that have targeted healthcare organizations during one of the most trying times.

And, the threat list continues 

Besides aiming for vaccine and treatment research, hackers are making efforts to cause maximum system outages on firms tied to the COVID-19 responses.
  • Two global firms, Miltenyi Biotec and Americold, associated with COVID-19 treatments, reportedly experienced cybersecurity incidents that affected their order and operational processes.
  • A report from Cybereason disclosed that the North Korea-based Kimsuky threat actor group added pharmaceutical and medical research companies working on COVID-19 vaccines and therapies to its list of new targets.

The rising attacks on pharma: a major concern

  • According to Verdict, security experts warned that pharmaceutical companies possessing COVID-19 related intellectual property, such as clinical trial data and drug formula, are likely to be a potential target for cyberattacks over the next 12 months.
  • The recent cybersecurity incidents at Dr Reddy’s and Pfizer give a broader view of what is in store for pharmaceutical companies in the coming months.

Final words

With cybercriminals frequently capitalizing on global events, it comes as no surprise that their attention has turned to the COVID-19 vaccine. A breach at research centers and pharmaceutical firms can potentially delay the production of the much-awaited vaccine. Therefore, it is necessary to maximize the security of these facilities to protect intellectual property and medical research.