Delhi: Col. Inderjeet Singh, Cyber Security Expert, Director General, Cyber Security Association of India explains that as the world battles COVID-19 pandemic, adversaries continue to use cyber means to target organizations developing a vaccine to cure COVID-19. The U.S. and Canada join the UK in exposing such malicious cyber activities by the hacking groups.
Also Read: Insight into Twitter hacks using Bitcoin Scam by Col. Inderjeet Singh, DG, CSAI
APT or Advanced Persistent Threat groups are usually nation-state or state-sponsored groups, working to compromise critical infrastructure and gain access to networks belonging to other countries. Many active hacking groups exist and their allegiance is usually known.
APT29 has been around since 2008, and they have been continuously improving and updating their hacking arsenal as well as attack strategies and infrastructure. Some cybersecurity researchers believe that APT29 is funded and supported by the FSB or, in other words, the Russian Federal Security Service.
The malware WellMess and WellMail have not previously been publicly associated with APT29. Col. Inderjeet further explains that many cyber criminals are using the COVID-19 to propagate low-level scams and various threats. However, the case of the APT29 is far more interesting. One can speculate that it is a Russian reconnaissance operation that may or may not be backed by the Kremlin.
APT29 is likely to continue to target organizations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic. Cyber attacks over a vaccine show the potential for serious global conflict over coronavirus in the months ahead.
A COVID-19 vaccine is arguably the most precious commodity on earth right now. It won’t be possible to produce 7 billion doses at once.
Col Inderjeet talks about the possible solutions to guard against this kind of hacking attempts. He suggests, "Multi-factor authentication should be implemented to prevent stolen credentials from being used to gain access to systems. All staff should be educated about the threat from phishing and all employees should be confident in their ability to identify a phishing attack. All staff should be instructed to report any suspected phishing attacks to their security teams and reports should be investigated promptly and thoroughly"
Also Read: New BlackRock Android malware can steal User Data from 337 Apps
