The UK’s National Cyber Security Centre (NCSC) along with the American Department of Homeland Security’s CISA have issued a specific warning to pharmaceutical companies, medical research organisations and universities.
NCSC and CISA have identified a spike in activity from state sponsored cyber hackers and what are known as advanced persistent threat (APT) actors scanning websites of targeted enterprises looking for vulnerabilities in unpatched software so as to take advantage of Citrix vulnerability CVE-2019-19781 and vulnerabilities in VPN products.
Particular caution over the supply chain is recommended as hackers see suppliers’ systems as offering easier access to their end target network and data and also wish to take advantage of the greater vulnerability brought by dramatically increased levels of homeworking.
COVID-19 research is the target as the APTs wish to steal research for their own nation’s efforts to address the virus or for commercial gain.
A hacking technique associated with this spike in activity is “password spraying” where the hacker tries to gain access using a single and commonly used password against many accounts before moving on to try a second password, and so on.
What can you do to better protect your network and data ?
NCSC and CISA recommend:
Bird & Bird’s international cyber security team are on stand-by to assist you. With immediate access to our network of tried and tested cybersecurity consultants we cover all aspects of cybersecurity and can help in delivering rapid improvements to cyber resilience as well as parachuting in to help deal with incidents.