Since the beginning of the COVID-19 situation in March, creating a vaccine has been a major priority. True to form, hackers have begun targeting and creating cyberattacks to the very organizations responsible for the vaccine trials. We’re now seeing many more COVID-19 related cyberattacks. There’s a lesson to be learned, today we’ll discuss it.
Cozy Bear Cyberattacks
According to the UK’s National Cyber Security Centre, a group with the moniker “APT29” (who is also known as “Cozy Bear” or as “the Dukes”) has started to relentlessly hack organizations tabbed with creating a vaccine for COVID-19. These claims have been corroborated by both US and Canadian authorities, and present a significant roadblock to the progress of COVID-19 vaccine production.
In fact, the National Cyber Security Centre released a report that goes on to describe APT29’s use of several exploits in conjunction with spear phishing attacks to gain access to CSC’s network and infrastructure. Once network security is breached the organization gets busy deploying malware known as WellMess or WellMail.
CSC has been working with software vendors to patch vulnerabilities. Software that has been patched doesn’t provide the exploitable pathways that often lead to problems.
Experts believe that this is not the first time APT29 has struck and that this threat should be taken very seriously. The organization is believed to be behind the 2016 hack that broke into the Democratic National Committee’s systems. The group has also been suspected of attacks against various healthcare, energy, government and other organizations.
Here at Symmetric IT Group, we relentlessly discuss phishing in our blog, because it is one of the biggest threats to maintaining network security. Most phishing attacks are messages sent randomly, but the spear phishing attack is one that is planned and executed deliberately to target one person. Hackers look for a weak link and try to take advantage of it.
While your organization probably won’t be targeted by major hacking collectives, it is still important that you and your staff know how to identify a phishing attack. Sometimes if someone is not familiar with these kinds of approaches it is easier for hackers to gain access and take advantage. So what can you do if you suspect you are being attacked? Here are a few tips:
- Always check the details. Legitimate emails are sent from legitimate email addresses. Take a look at the email address of suspect emails and you’ll likely see a potential ruse.
- Proofread the message. Most business correspondence is proofread before it is sent. If the spelling and grammar looks as suspect as the email is, it’s likely illegitimate.
- Reach out. If there is any question, reach out to the organization/person sending the message. The more you know, the less likely you will fall for a scam.
Keeping your eye out for Covid-19 related cyberattacks and identifying phishing attacks has to be a major point of emphasis for your company and is something that we can identify. In today’s modern world, no business is completely immune to cyber security threats. In fact, businesses of all sizes have already experienced the attack of cyber threats like ransomware, phishing, and brute force attacks of all kinds.
If looking to learn more about how we at Symmetric It Group can help protect your company with our Information Security Services, please check out our Information Security Page and call us at (813) 749-0895 for help with getting the resources you need to properly train your team and any other cybersecurity help to avoid possible hackers. Call Symmetric IT Group today at (813) 749-0895 for help with getting the resources you need to properly train your team.