Comment from Varonis – Russia has been caught hacking into coronavirus vaccine projects
July 2020 by Matt Lock, Technical Director UK at Varonis
The comment is attributable to my client Matt Lock, Technical Director, UK at Varonis.
“The method of attack is absolutely in line with the kill chain: spearphishing to drop a payload, malware used to run reconnaissance to find sensitive data, and then finally exfiltration by SSH, email, Web or DNS. They’re hoping to fly under the radar and avoid detection. We’ve known these research centres have been targets for some months now. I hope the researchers stopped any data loss and detected these patterns of behaviour – there’s no real excuse not to nowadays.
Hackers are like sharks in the water – and critical data is like blood. Organisations are quick to spin up infrastructure to support massive research projects and remote collaboration, but cybersecurity and protecting those critical assets is often an afterthought. Many won’t realise they’ve been hit until the information has already walked out the door, or in this case, quietly siphoned off. Now that the IOCs are available, organisations – whether they’re working on cutting-edge research to battle the coronavirus or other medical or technological breakthroughs – must ensure they’re protected.”