Oxford Covid-19 Laboratory Hacked

Oxford University and the National Security Centre (NCSC) are now investigating a cyber breach after a researcher reported that a laboratory researching COVID-19 had been hacked. The breach took place in mid-February and occurred at the Division of Structural Biology, known as Strubi, which has been carrying out research into COVID-19. The university has confirmed the attack but said it had "no impact on any clinical research".

The British National Cyber security Centre (NCSC), the cybersecurity arm of spy agency GCHQ, said in a statement that it was aware of the incident and was "working to fully understand its impact."

It is not clear who the hackers are and they are not ruling out a possible hostile foreign state at this stage. The NCSC said it had been informed by Oxford that the cyber attack had “no impact on any clinical research”. The Strubi lab is distinct from the Jenner Institute, which developed the Oxford University vaccine in conjunction with the pharmaceutical giant AstraZeneca. In the summer of 2020 the UK Government said it was “95 per cent” certain that Russia had attempted to hack into the Jenner Institute and steal its Covid-19 vaccine after an investigation by the NCSC and other intelligence agencies.

This latest breach was identified by Alex Holden, chief technology officer at Hold Security, said the screenshots appeared to show “interfaces” for possible lab equipment, with the ability to control pumps and pressure. 

Professor Alan Woodward, a cyber security expert at the University of Surrey, said: “With the current interest in molecular structures in Covid research one might speculate that it was someone searching for data about the virus or the vaccine. It’s difficult to see why they would want to sabotage research... As the attackers were selling access it suggests it was probably not a nation state but a group who thought nation states or those working on valuable intellectual property might pay for.”

The US, British and Canadian security services last year alleged that a hacking group believed to be operating as part of Russian intelligence services was targeting organisations involved in Covid-19 vaccine development. 

Digital espionage targeting health bodies, vaccine scientists and drug makers has surged during the COVID-19 pandemic. In December, US drug maker Pfizer Inc and its German partner BioNTech SE disclosed that documents related to development of their COVID-19 vaccine had been “unlawfully accessed” in a cyber attack on Europe’s medicines regulator.

NCSC:    Telegraph:        LiveMint:      LondonSouthEast:        Mirror:     Economic Times:      Reuters:     ITPro

You Might Also Read: 

North Korea Accused Of Pfizer Vaccine Hack:

 

 

« Webinar: Build a security posture strategy in the AWS Cloud
Cyber Security For The Internet of Medical Things »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: How to improve your security posture with a web application firewall (WAF)

ON-DEMAND WEBINAR: How to improve your security posture with a web application firewall (WAF)

Watch this webinar to discover how a WAF goes beyond a standard firewall and helps you meet security industry compliance.

Security Weekly

Security Weekly

Security Weekly provides free content within the subject areas of IT security news, vulnerabilities, hacking, and research.

Purdicom

Purdicom

Purdicom (formerly known as Selcoms) is an award winning distributor specialising in Wireless, Cloud & Security technologies.

Mi-Token

Mi-Token

Mi-Token is an advanced two-factor authentication solution that offers unparalleled security, flexibility, cost-effectiveness and ease of use.

Radar Cyber Security

Radar Cyber Security

Radar Cyber Security is the only European supplier of Managed Detection & Response who provides its services based on inhouse developed technology.

Security & Intelligence Agency (SOA) - Croatia

Security & Intelligence Agency (SOA) - Croatia

SOA is the Croatian security and intelligence service. Areas of activity include Cyber Security and Information Security.

Kuratorium Sicheres Österreich (KSO)

Kuratorium Sicheres Österreich (KSO)

KSO is an independent non-profit association that has set itself the goal of making Austria safer as a national networking and information platform for topics of internal security.

Odyssey

Odyssey

Odyssey is an ISO 27001 certified, Cyber -Security, Infrastructure and Risk Management Solutions integrator and a Managed Security Services Provider.

Callsign

Callsign

Callsign’s mission is to seamlessly power the identification of every web, mobile and physical interaction.

Beosin

Beosin

Beosin is a blockchain security company providing cybersecurity services including security audits, on-chain asset investigation, threat intelligence and wallet security.

Asia ICS Cyber Security Conference

Asia ICS Cyber Security Conference

Asia ICS Cyber Security Conference is a day of intense presentations and panel discussions on the latest Cyber Security threats and solutions targeted at industrial control systems.

Conference Index

Conference Index

Conference Index provides an indexed listing of upcoming meetings, seminars, congresses, workshops, summits and symposiums across a wide range of subjects including Cybersecurity.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

SOC.OS Cyber Security

SOC.OS Cyber Security

SOC.OS is an alert correlation and triage automation tool. It correlates and prioritises your alerts, boosting productivity, enhancing threat visibility and shortening mean time to respond.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.

Hyperwise Ventures

Hyperwise Ventures

Hyperwise Ventures lead seed investments in startups in the cyber security and enterprise software spaces.

Intel 471

Intel 471

Intel 471 provides adversary and malware intelligence for leading intelligence, security and fraud teams.