In April, US and British cyber security agencies suggested that “malicious” actors have been exploiting the coronavirus crisis for commercial gain, without specifying the origins of these attacks.
The UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) have updated their warning about ongoing hacking campaigns against national and international organisations involved in addressing the global coronavirus pandemic, according to a joint statement.
The cyber security agencies said that the COVID-19 health crisis was being “exploited” by “advanced persistent threat (APT) groups” as a part of ongoing cyber operations aimed at collecting information on the coronavirus, including “intelligence on national and international healthcare policy” or even “sensitive data” related to virus research.
The statement did not specify which organisations or countries were behind the attacks, but argued that data was being stolen for “commercial and state benefit” in a bid to upgrade “domestic research efforts into COVID-19-related medicine”.
The targeted organisations reportedly include healthcare bodies, pharmaceutical firms, as well as educational and research facilities.
The statement came as an update to an earlier alert jointly issued by NCSC and CISA in April, warned of “malicious cyber actors” who were using the crisis to target individuals and companies within the United States and the United Kingdom with phishing and other strategies used for commercial purpose, something they argued would continue in the coming months.
British media also earlier claimed, citing comments from NCSC staff, that hackers from Russia, Iran and China were trying to steal information on COVID-19 research from British universities and scientific facilities; claims that remained unproven and have been debunked by Russian authorities.