Oxford Covid-19 Laboratory Hacked

Oxford University and the National Security Centre (NCSC) are now investigating a cyber breach after a researcher reported that a laboratory researching COVID-19 had been hacked. The breach took place in mid-February and occurred at the Division of Structural Biology, known as Strubi, which has been carrying out research into COVID-19. The university has confirmed the attack but said it had "no impact on any clinical research".

The British National Cyber security Centre (NCSC), the cybersecurity arm of spy agency GCHQ, said in a statement that it was aware of the incident and was "working to fully understand its impact."

It is not clear who the hackers are and they are not ruling out a possible hostile foreign state at this stage. The NCSC said it had been informed by Oxford that the cyber attack had “no impact on any clinical research”. The Strubi lab is distinct from the Jenner Institute, which developed the Oxford University vaccine in conjunction with the pharmaceutical giant AstraZeneca. In the summer of 2020 the UK Government said it was “95 per cent” certain that Russia had attempted to hack into the Jenner Institute and steal its Covid-19 vaccine after an investigation by the NCSC and other intelligence agencies.

This latest breach was identified by Alex Holden, chief technology officer at Hold Security, said the screenshots appeared to show “interfaces” for possible lab equipment, with the ability to control pumps and pressure. 

Professor Alan Woodward, a cyber security expert at the University of Surrey, said: “With the current interest in molecular structures in Covid research one might speculate that it was someone searching for data about the virus or the vaccine. It’s difficult to see why they would want to sabotage research... As the attackers were selling access it suggests it was probably not a nation state but a group who thought nation states or those working on valuable intellectual property might pay for.”

The US, British and Canadian security services last year alleged that a hacking group believed to be operating as part of Russian intelligence services was targeting organisations involved in Covid-19 vaccine development. 

Digital espionage targeting health bodies, vaccine scientists and drug makers has surged during the COVID-19 pandemic. In December, US drug maker Pfizer Inc and its German partner BioNTech SE disclosed that documents related to development of their COVID-19 vaccine had been “unlawfully accessed” in a cyber attack on Europe’s medicines regulator.

NCSC:    Telegraph:        LiveMint:      LondonSouthEast:        Mirror:     Economic Times:      Reuters:     ITPro

You Might Also Read: 

North Korea Accused Of Pfizer Vaccine Hack:

 

 

« Webinar: Build a security posture strategy in the AWS Cloud
Cyber Security For The Internet of Medical Things »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Pen Test Partners LLP

Pen Test Partners LLP

Pen Test Partners provides penetration testing, security assessment and training services.

Link11 GmbH

Link11 GmbH

Link11 provides DDoS protection solutions to protect websites and complete server infrastructures from DDoS attacks.

Bromium

Bromium

Bromium deliver a new technology called micro-virtualization to address the enterprise security problem and provide protection for end users against advanced malware.

Jeffer Mangels Butler & Mitchell LLP (JMBM)

Jeffer Mangels Butler & Mitchell LLP (JMBM)

JMBM is a full service law firm providing counseling and litigation services in a wide range of areas including cyber security.

Mitre

Mitre

At Mitre we work across government to tackle challenges to the safety, stability, and well-being of our nation. Areas of expertise include Cybersecurity.

Mosaic 451

Mosaic 451

Mosaic451 is a bespoke IT managed services provider and consultancy specializing in information security, operations and design.

Neudomains

Neudomains

Neudomains is a Corporate Domain Name Management and Brand Protection Online Specialist. One of the world's top providers of online brand protection and enforcement.

Real Protect

Real Protect

Real Protect is a Brazilian provider of managed security (MSS) and cyber defense services.

Future Planet Capital

Future Planet Capital

Future Planet is the impact-led, global venture capital firm built to invest in high growth potential companies from the world's top research centres.

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL) is the largest integrated Information Communication Technology (ICT) company of Pakistan.

Cerby

Cerby

Your team uses unmanageable applications that put you, your company, and your data at risk. Protect, secure, and accelerate your business automatically with Cerby.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

Data Pie Cybersecurity

Data Pie Cybersecurity

The Data Pie Cybersecurity Consulting offers a 360° around protection for your IT security. Security awareness solutions and consulting.

Skyhawk Security

Skyhawk Security

Skyhawk Security is the originator of Cloud threat Detection and Response (CDR), helping hundreds of users map and remediate sophisticated threats to cloud infrastructure in minutes.

InQuest

InQuest

InQuest specialize in providing comprehensive network-based security solutions that empower organizations to protect their most critical assets: their people.

Invisinet Technologies

Invisinet Technologies

Invisinet is a cybersecurity technology company specializing in innovative solutions that protect network infrastructure and critical assets from advanced threats.