About Link High Technologies Inc.
As a local, privately-owned small business ourselves, we understand how important effective, on-time IT solutions are in keeping your business vigorous and growing. We are dedicated to helping our clients grow their businesses by delivering customized IT solutions that increase productivity, decrease risk, and provide measurable value.
Categories Tags

COVID-19 Vaccine Attacks and Cybersecurity

COVID-19 Vaccine Attacks and Cybersecurity

COVID-19 Vaccine Attacks and Cybersecurity

Since the outbreak of the COVID-19 across the globe, there has been a lot of hope and effort put into developing a vaccine against it. Unfortunately, just as some experiments have produced promising results, hackers have begun targeting the research centers responsible. Let’s look at COVID-19 Vaccine Attacks and Cybersecurity to see what it can teach us.

The Cozy Bear Threat

According to the National Cyber Security Centre, a government security organization based in the United Kingdom, a hacking group known as “APT29” (also referred to as “the Dukes” or “Cozy Bear”) has actively targeted the research centers conducting research into developing a COVID-19 vaccine. These claims are supported by the United States’ National Security Agency and Canada’s Communications Security Establishment.

In fact, the National Cyber Security Center released a report that outlined the attack that the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency also endorses.

This report describes the use of various exploits in conjunction with spear phishing attacks by APT29. Both tactics give APT29 access to carry out the rest of their attacks. This often involves deploying malware known as WellMess or WellMail.

Some of these exploits have been patched, so make sure your patches are up to date.

Experts share the opinion that Cozy Bear has struck before and the current threat needs to be taken very seriously. APT29 was responsible for the 2016 intrusion into the Democratic National Committee’s systems. The groupis linked to assorted attacks on healthcare, energy, governmental and diplomatic organizations in the past.

What is Spear Phishing?

Phishing is a form of hacking that targets the end user, rather than using software vulnerabilities. Spear phishing is a more direct form of phishing. Instead of sending a generic message to groups of potential targets, spear phishing is directed to an individual with access to data and resources.

While APT29 may not target your organization as a part of these efforts to steal research, it is nevertheless critical to recognize a potential phishing attack. While the following is by no means a comprehensive list of warning signs, it is a good place to start educating your team:

  • Always check the details. Many phishing attacks are identified by close-but-no-cigar “From” addresses. When in doubt, try looking up the email address that sent an email.
  • Proofread the message. While legitimate messages can contain spelling and grammar mistakes, many phishing messages can be rife with errors.
  • Double-check. Don’t be afraid to confirm that the email is legitimate by reaching out to the supposed sender to confirm.

For more assistance in dealing with phishing attacks, reach out to us! Link High Technologies Inc. can help prevent a phishing attack from impacting your operations. Give us a call at (973) 659-1350 to learn more.

Copyright 2021 Link High Technologies Inc. All Rights Reserved.