The COVID-19 pandemic has caused a dramatic increase in the frequency and sophistication of cyber attacks. Security experts attribute this trend to the unprecedented changes in the way companies and employees have adopted new ways of doing business, and the global anxiety over the pandemic. According to the Canadian Center for Cyber Security, the health sector, particularly those involved with the national efforts around COVID-19, are at an elevated risk of being targeted. Sophisticated threat actors may target Canadian pharmaceutical and medical research labs working on coronavirus vaccines and other remedies.
Currently, the sector is putting effort into researching and developing the COVID-19 vaccine, making the country an extremely appealing target for state-sponsored hackers. For instance, Providence Therapeutics Inc., a Calgary-based biotech firm, announced it was ready to start phase 1 testing of a vaccine last month.
Prof. Ali Dehghantanha, the director of the Cyber Science Lab at the University of Guelph’s School of Computer Science, warns that the new threat reported by Canada’s spy agency, originate from advanced persistent threat (APT) groups. The state-sponsored hackers aim to steal or corrupt intellectual property, mainly data generated by Canadian researchers in universities and pharmaceutical groups. APT groups’ motivation is not to cash in on attacks, but to support their governments’ agendas by stealing research on new vaccines and therapies.
Countries operating under international trade sanctions and lacking research resources afforded through intercountry collaboration, opt to fund APT groups to steal information about COVID-19 remedies. In other circumstances, states engage in cyber attacks to augment their research efforts and enhance their corresponding geopolitical positions. A recent estimate by Barron’s suggests that a dose of the vaccine priced at $30 USD, could you be worth $10 billion USD annually. Some analysts estimate that a single dose could be priced as high as $200 USD.
APT groups are also targeting supply chains of essential materials, such as personal protective equipment, to give their states an upper hand in the global procurement of COVID-19 resources. Other customary hackers aim to achieve financial gains through ransomware attacks. The profit-motivated criminals target personal data provided voluntarily by Canadians participating in research programs.
Canadian Centre for Cyber Security Alert
The Canadian Centre for Cyber Security draws attention to a couple of attacks that hackers might deploy to target drug makers and COVID-19 research. They are using popular tactics and procedures, but with an increased focus on coronavirus research. The threats range from social engineering exploits such as spear-phishing and manipulation. As opposed to widespread and readily recognizable spam, the attackers target COVID-19 researchers with personalized email messages that appear to originate from trusted sources. The exploit tricks receivers into opening malicious files or clicking malicious links.
Cybercriminals will also exploit critical vulnerabilities as housebound employees connect with their company networks remotely. Remote working has increased the risks of insider threats due to employee negligence. Workers are prone to mixing work-related activities with personal online endeavors. In the process, they often fail to observe security practices, leaving remote devices susceptible to attacks. Additionally, remote employees may be connecting insecure networks that increase opportunities for cybercriminals to intercept login credentials, steal data, and spread infections to the broader company systems.
At the same time, threat actors attempt to cash in on the country’s medical researchers’ current pressure to extract a ransom. Organizations may fail to practice normal cyber-hygiene as they focus on ways to keep the business running during a crisis.
Responding to Increased Cyber Attacks
Data breaches will cause loss of resources, including research money, employee efforts, valuable research information, and patient data. Research universities, biotech and life sciences companies as well as pharmaceutical groups can implement an array of security measures to impede threat actors and mitigate sophisticated attacks targeting their systems and critical data. Read our last article, Cybersecurity and the Pharmaceutical Industry, to learn about the basic measures that can be taken to secure your organization.
Some ways that ISA Cybersecurity can help:
Security Awareness Program: Organizations should remind employees to practice phishing awareness and use complex, unique passwords for their online accounts and devices. ISA Cybersecurity offers customized cybersecurity training services to create awareness among organizations’ first line of defense, the employees. This is the foundational step to protecting against sophisticated social engineering threats.
Managed Services: Companies are still revealing gaps in their cybersecurity strategies because of a deficit in the availability of skilled security professionals. Organizations can leverage managed services designed to respond to evolving cyber threats and provide the information management and controls needed to enhance their security posture. A managed service provider offers capabilities such as risk and cost reduction through increased compliance. The expert protects critical systems and data by adhering to industry best practices and reduces threats through real-time monitoring and security validation.
Incident Response: The rising number of high-impact cyber incidents results in costly recovery activities. ISA Cybersecurity can help in a variety of ways, from assisting in the construction of your incident response plan, to providing technical assistance in the event of a breach, right through to data forensics to identify what happened, who did it, and how to help strengthen defenses to prevent it from happening again.
Contact us today to learn more, before a breach happens.