Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

F-Secure comment: UK and allies expose Russian attacks on covid vaccine development

July 2020 by Calvin Gan, manager of F-Secure’s Tactical Defence Unit

Comment from Calvin Gan, manager of F-Secure’s Tactical
Defence Unit around the Russian hacking attempts on COVID vaccine
research:

_"The healthcare sector along with the WHO has been a target throughout
the pandemic. The FBI also released an alert in May warning healthcare
sector to take additional precaution to secure their systems and
research._

APT29 has been here for a number of years and, while they have been
laying low, it did not mean that they were not updating their arsenal.
There has been new malware attributed to APT29 as of June 2019. Moving
towards targeting Covid-19 vaccine research now seem to be a valuable
target, although a first for APT29, as they have targeted other
industries in the past.

Looking specifically into the advisory, the attacks have been ongoing
and appear to continue. It targets vulnerabilities that has already been
published earlier with patches made available for a while. This goes to
show that the healthcare industry needs help in securing their
environment if they are also struggling with proper patch management
within the network. We have seen this before with WannaCry on the amount
of effort needed to update traditional systems in the sector, and we are
still seeing it now with this new batch of vulnerabilities. While we
have seen the industry taking new technologies into use and breaking
away from traditional setup, having the same root issue of traditional
patch management or mindset will likely not solve the problem. To adapt
to new technology would also mean to adapt to new process that is
constantly changing, which the healthcare sector may not be fully
equipped or ready to embrace.

On what’s next, besides following the guidance in the advisory, any
organisation involved in the healthcare industry should also assist in
combatting this by looking into their own systems. These systems may not
be directly contributing to the research but could be used as a
steppingstone to attain the final target. Just like how humans are used
in phishing attacks, systems that are exposed (which may seem unrelated)
could be used to further move towards the end goal if they are somehow
connected.

APT29 has been around for long enough to have built up elite skills to
continuously improve and remain stealthy, so the entire industry has to
move with the same pace, if not a step ahead."_


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts