The UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) have updated their warning about ongoing hacking campaigns against national and international organisations involved in addressing the global coronavirus pandemic, according to a joint statement.
The cyber security agencies said that the COVID-19 health crisis was being “exploited” by “advanced persistent threat (APT) groups” as a part of ongoing cyber operations aimed at collecting information on the coronavirus, including “intelligence on national and international healthcare policy” or even “sensitive data” related to virus research.
The statement did not specify which organisations or countries were behind the attacks, but argued that data was being stolen for “commercial and state benefit” in a bid to upgrade “domestic research efforts into COVID-19-related medicine”.
“APT actors frequently target organisations in order to collect bulk personal information, intellectual property, and intelligence that aligns with national priorities”, the agencies said, suggesting that “large-scale password spraying campaigns” that were employed by the hackers to conduct their malicious deeds.
The targeted organisations reportedly include healthcare bodies, pharmaceutical firms, as well as educational and research facilities.
British media also earlier claimed, citing comments from NCSC staff, that hackers from Russia, Iran and China were trying to steal information on COVID-19 research from British universities and scientific facilities; claims that remained unproven and have been debunked by Russian authorities.