Oxford Covid-19 Laboratory Hacked

Uploaded on 2021-03-10 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Health & Welfare

Oxford University and the National Security Centre (NCSC) are now investigating a cyber breach after a researcher reported that a laboratory researching COVID-19 had been hacked. The breach took place in mid-February and occurred at the Division of Structural Biology, known as Strubi, which has been carrying out research into COVID-19. The university has confirmed the attack but said it had "no impact on any clinical research".

The British National Cyber security Centre (NCSC), the cybersecurity arm of spy agency GCHQ, said in a statement that it was aware of the incident and was "working to fully understand its impact."

It is not clear who the hackers are and they are not ruling out a possible hostile foreign state at this stage. The NCSC said it had been informed by Oxford that the cyber attack had “no impact on any clinical research”. The Strubi lab is distinct from the Jenner Institute, which developed the Oxford University vaccine in conjunction with the pharmaceutical giant AstraZeneca. In the summer of 2020 the UK Government said it was “95 per cent” certain that Russia had attempted to hack into the Jenner Institute and steal its Covid-19 vaccine after an investigation by the NCSC and other intelligence agencies.

This latest breach was identified by Alex Holden, chief technology officer at Hold Security, said the screenshots appeared to show “interfaces” for possible lab equipment, with the ability to control pumps and pressure. 

Professor Alan Woodward, a cyber security expert at the University of Surrey, said: “With the current interest in molecular structures in Covid research one might speculate that it was someone searching for data about the virus or the vaccine. It’s difficult to see why they would want to sabotage research... As the attackers were selling access it suggests it was probably not a nation state but a group who thought nation states or those working on valuable intellectual property might pay for.”

The US, British and Canadian security services last year alleged that a hacking group believed to be operating as part of Russian intelligence services was targeting organisations involved in Covid-19 vaccine development. 

Digital espionage targeting health bodies, vaccine scientists and drug makers has surged during the COVID-19 pandemic. In December, US drug maker Pfizer Inc and its German partner BioNTech SE disclosed that documents related to development of their COVID-19 vaccine had been “unlawfully accessed” in a cyber attack on Europe’s medicines regulator.

NCSC:    Telegraph:        LiveMint:      LondonSouthEast:        Mirror:     Economic Times:      Reuters:     ITPro

You Might Also Read: 

North Korea Accused Of Pfizer Vaccine Hack:

 

 

« Webinar: Build a security posture strategy in the AWS Cloud
Cyber Security For The Internet of Medical Things »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Gigamon

Gigamon

Gigamon provides intelligent Traffic Visability solutions that provide unmatched visbility into physical & birtual networks without affecting the performance or stability of production environments.

Resilient Information Systems Security (RISS)

Resilient Information Systems Security (RISS)

RISS is a research group is in the Department of Computing at Imperial College London.

We Watch Your Website

We Watch Your Website

We Watch Your Website provide website monitoring, protection, malware removal and root cause analysis services to help you keep your website secure.

Microsoft Security

Microsoft Security

Microsoft Security helps protect people and data against cyberthreats to give you peace of mind. Safeguard your people, data, and infrastructure.

Alan Boswell Group

Alan Boswell Group

We are a Group of Companies providing specialist Insurance Broking and Risk Management advice and services including Cyber Risk cover.

Simeio Solutions

Simeio Solutions

Simeio is a complete Identity and Access Management (IAM) solution provider that engages securely with anyone, anywhere, anytime.

Halon

Halon

Halon is a flexible security and operations platform for in-transit email.

Aporeto

Aporeto

The Aporeto platform protects cloud applications from attack by authenticating and authorizing all communications with a cryptographically signed identity assigned to every workload.

Advens

Advens

Advens is a company specializing in information security management. We provide Consultancy, Security Audits and Technology Solutions.

NINJIO

NINJIO

NINJIO is a leader in cybersecurity awareness training. View IT Security Awareness through a different lens - entertain and educate your users through storytelling.

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance provides an array of cybersecurity services including cybersecurity policy management, risk assessments and regulatory compliance consulting.

Digital Craftsmen Ltd

Digital Craftsmen Ltd

We're ISO27001 & Cyber Essentials Cybersecurity experts, delivering full cloud security and managed services. We take a bespoke approach for each client from hosting, optimising & securing them online

Udacity

Udacity

Udacity's mission is to train the world’s workforce in the careers of the future. Our programs range from beginner to expert levels and deliver the hands-on skills for real-world expertise.

Xperience

Xperience

Xperience solves our clients’ toughest challenges by delivering business efficiency through digital transformation solutions across cloud, managed IT, CRM and ERP.

Quantum Ventura

Quantum Ventura

Quantum Ventura is a technology innovation company with a single mission of delivering customer-centric advanced solutions to US Federal & State Governments and Private Sector customers.

Confidencial

Confidencial

Confidencial is a provider of solutions that help organizations secure their most sensitive information, regardless if that information exists inside or is shared outside the organization.