Office of the Chief Information Security Officer

July 20, 2020

Hackers target COVID-19 research

This message was sent via email to UW researchers by Joe Giffels, Associate Vice Provost for Research Administration and Integrity, and Rebekah Skiver Thompson, Associate Vice President and Chief Information Security Officer, on July 20, 2020.

On July 16, national security agencies in the U.S., the U.K., and Canada jointly issued an advisory describing Russian hackers’ attempts to illicitly acquire COVID-19 vaccine-related intellectual property. Since February 2020, cyber criminals have increasingly targeted U.S. pharmaceutical, medical, and biological research facilities to acquire or manipulate sensitive information, particularly COVID-19 vaccine and treatment research. We want to take this opportunity to raise awareness of the risk to research information and what you can do to help protect it.

Though cyber criminals scan for and attempt to exploit computer system vulnerabilities, their primary focus is acquiring valid credentials in order to gain access to computer systems. Cyber criminals acquire valid credentials through phishing attacks, as well as by searching databases of previously exposed credentials. Valid credentials may provide attackers with access to:

  • Computers via remote desktop services.
  • Email accounts and file shares.
  • Internal networks via VPN access.

With this access, cyber criminals may:

  • Commit economic espionage by copying intellectual property.
  • Commit extortion by encrypting and ransoming research information.
  • Commit fraud by posing as an individual through the use of their email account.
  • Sabotage research by manipulating data.

What can you do?

  • Create and maintain offline backups or copies of research information.
  • Be alert for phishing: Watch for messages impersonating colleagues and think twice before entering your user ID and password on a website or opening a link or file attached to an email message.
  • Configure and use two-factor authentication for access to accounts where available.
  • Update account passwords if you currently use the same password for multiple accounts, especially if you’ve used your UW email address to establish those accounts. Use a unique password for each account.
  • Use a password manager, such as LastPass, to make creating and managing unique passwords easier. Never re-use your UW NetID password for other accounts.
  • Promptly install software and operating system updates.
  • Install and use antivirus software. Sophos antivirus software is available to the UW community for personal and UW-owned computers.
  • Report suspicious or malicious activity to your IT staff and the Office of the Chief Information Security Officer (CISO).

Resources

National Cyber Security Centre Advisory:

https://www.ncsc.gov.uk/files/Advisory-APT29-targets-COVID-19-vaccine-development-V1-1.pdf

General

Backups

Phishing

Passwords

Two-Factor Authentication

Software updates

Antivirus software

  • Sophos antivirus software on IT Connect

Report suspicious/malicious activity: email ciso@uw.edu

 