Since the beginning of the COVID-19 pandemic this year, over a hundred medical research groups have been working on a vaccine. Naturally, hackers have begun targeting those very organizations. There are lessons to be learned from this.

Cozy Bear

The UK’s National Cyber Security Centre reports that a hacker group called APT29, aka Cozy Bear or the Dukes, is attacking organizations that are working on a vaccine for COVID-19. US and Canadian authorities have corroborated this, and say that the attacks are delaying progress towards a vaccine.

The National Cyber Security Centre released a report that describes APT29’s use of malicious code in conjunction with several spear-phishing attacks on CSC’s network and infrastructure. Once network security is breached, the group deploys malware known as WellMess or WellMail.

CSC has been working with software vendors to patch vulnerabilities.

Experts say that this threat should be taken very seriously. They believe that APT29 was responsible for the 2016 hack that broke into the Democratic National Committee’s systems, and other attacks against various healthcare, energy, and government organizations.

Spear Phishing

We constantly discuss phishing on our blog as one of the biggest threats to network security. Most phishing emails are sent randomly, but spear-phishing attacks are targeted against one person as a way into a system.

While we hope your organization won’t be targeted by APT29, you and your staff need to be able to identify a phishing attack and know what to do if it happens. Here are a few tips:

  • Check the email address. The address of a suspect email may not be the address of the organization it pretends to be from. Email suffixes from a different country are a dead giveaway.
  • Proofread the message. If the spelling and grammar look unprofessional, it’s probably malicious.
  • Reach out. If you are suspicious at all, reach out to the organization/person sending the message independently. If they say they are FedEx, call FedEx. Don’t hit reply.
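
The first tip can also be automated as a mail-triage check. The sketch below is an added example, not part of the original post: it flags a message whose From address does not belong to the organization it claims to be, notes a two-letter country suffix, and, going slightly beyond the tip, reports when replies would go to a different domain. The KNOWN_SENDERS table, the function names and both sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: brands your staff deal with, mapped to the domains they really send from.
KNOWN_SENDERS = {"fedex": {"fedex.com"}}

def domain_of(header_value):
    """Return the lower-cased domain of the address in a From/Reply-To header."""
    _, addr = parseaddr(header_value or "")
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""

def belongs_to(domain, allowed):
    """True if domain is one of the allowed domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_sender(raw_message):
    """Return findings for the first tip: does the address match the claimed sender?"""
    msg = message_from_string(raw_message)
    display, _ = parseaddr(msg.get("From", ""))
    sender = domain_of(msg.get("From"))
    findings = []
    for brand, allowed in KNOWN_SENDERS.items():
        if brand not in (display + " " + sender).lower():
            continue  # message does not claim to be from this brand
        if not belongs_to(sender, allowed):
            findings.append(f"claims {brand} but sent from {sender}")
            tld = sender.rsplit(".", 1)[-1]
            if len(tld) == 2 and tld.isalpha():  # two-letter suffix = country code
                findings.append(f"country-code suffix .{tld}")
    reply_to = domain_of(msg.get("Reply-To"))
    if reply_to and reply_to != sender:
        findings.append(f"replies go to {reply_to}, not {sender}")
    return findings

# Constructed sample messages (not real mail); ".zz" is a placeholder country code.
SPOOFED = (
    "From: FedEx Delivery <tracking@fedex-notice.example.zz>\n"
    "Reply-To: claims@parcel-help.example\n"
    "Subject: Your package is on hold\n\nClick to reschedule.\n"
)
GENUINE = "From: FedEx <updates@shipping.fedex.com>\nSubject: Delivered\n\nThanks.\n"

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(name, check_sender(raw) or "no findings")
```

A match on the domain only shows that the address is plausible; the third tip (contacting the sender independently) still applies to anything unexpected.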

Identifying phishing attacks is an essential skill for your employees. Call Quikteks today at (973) 882-4644 for information about training workshops. We can help.