Rival states launch cyber attacks on UK and US coronavirus labs
British and American spooks have issued an urgent warning after uncovering a string of cyber attacks launched by rival states against healthcare organisations fighting coronavirus.
Healthcare bodies, pharmaceutical companies and local government organisations in the UK and US have all been targeted in the attacks, which are aimed at gathering information about the Covid-19 outbreak.
Laboratories carrying out research into the virus have also fallen victim to the “malicious” cyber campaigns.
According to the National Cyber Security Centre (NCSC) and US Cybersecurity and Infrastructure Security Agency (CISA), attackers have carried out so-called password spraying campaigns on a large scale.
This technique involves attacking a large number of accounts with a small number of common passwords, on the basis that at least one account will use one of the common passwords.
The security officials have not named the countries behind the attacks, but they are understood to include Russia, China, Iran and North Korea.
“Protecting the healthcare sector is the NCSC’s first and foremost priority at this time, and we’re working closely with the NHS to keep their systems safe,” said Paul Chichester, NCSC director of operations.
“By prioritising any requests for support from health organisations and remaining in close contact with industries involved in the coronavirus response, we can inform them of any malicious activity and take the necessary steps to help them defend against it.”
The NCSC, which is part of GCHQ, has advised staff at healthcare and research organisations to make sure their passwords are secured.
Any password that could be easily guessed should be replaced by one consisting of three random words, the spooks said. Two-factor authentication should also be used to reduce the threat of compromises.
The alert follows a joint advisory published last month by the NCSC and CISA, which warned that a growing number of cyber criminals and other malicious groups online are exploiting the Covid-19 outbreak for their own personal gain.