COVID-19 Research and Vaccine Research from US, UK and Canada involved in COVID-19 research have been targeted by a hacking group known as APT29.
Delhi: Col. Inderjeet Singh, Cyber Security Expert, Director General, Cyber Security Association of India explains that as the world battles the COVID-19 pandemic, adversaries continue to use cyber means to target organizations developing a vaccine to cure COVID-19. The U.S. and Canada join the UK in exposing such malicious cyber activities by the hacking groups.
Also Read: Insight into Twitter hacks using Bitcoin Scam by Col. Inderjeet Singh, DG, CSAI
APT (Advanced Persistent Threat) groups are generally nation-state or state-sponsored organisations that aim to breach key infrastructure and gain access to other nations’ networks. There are several active hacking organisations whose allegiance is typically known.
APT29 has been active since 2008, and its hacking arsenal, as well as attack techniques and infrastructure, has been constantly improved and updated. APT29 is thought to be financed and backed by the FSB, or Russian Federal Security Service, according to several cybersecurity experts.
Threat Group APT29 targets COVID-19 Vaccine Development
The viruses WellMess and WellMail have never been officially linked to APT29 before. Many cyber criminals use the COVID-19 to spread low-level schemes and numerous threats, according to Col. Inderjeet. The case of the APT29, on the other hand, is significantly more intriguing. It’s possible that it’s a Russian reconnaissance operation, which the Kremlin may or may not support.
As they look for answers to further intelligence concerns about the pandemic, APT29 is expected to continue targeting firms engaged in COVID-19 vaccine research and development. In the months ahead, cyber assaults over a vaccination demonstrate the possibility of severe global confrontation over coronavirus.
A COVID-19 vaccination is currently the most valuable item on the planet. It’ll be impossible to make 7 billion dosages all at once.
Col Inderjeet discusses viable countermeasures to prevent such hacking attacks. He proposes, “To prevent stolen credentials from being exploited to gain access to systems, multi-factor authentication should be used. All employees should be aware of the issue of phishing, and they should have confidence in their ability to spot a phishing assault. All employees should be told to report any suspected phishing assaults to their security teams, and all complaints should be properly examined.”
Also Read: New BlackRock Android malware can steal User Data from 337 Apps
