Oxford Covid-19 Laboratory Hacked

Oxford University and the National Security Centre (NCSC) are now investigating a cyber breach after a researcher reported that a laboratory researching COVID-19 had been hacked. The breach took place in mid-February and occurred at the Division of Structural Biology, known as Strubi, which has been carrying out research into COVID-19. The university has confirmed the attack but said it had "no impact on any clinical research".

The British National Cyber security Centre (NCSC), the cybersecurity arm of spy agency GCHQ, said in a statement that it was aware of the incident and was "working to fully understand its impact."

It is not clear who the hackers are and they are not ruling out a possible hostile foreign state at this stage. The NCSC said it had been informed by Oxford that the cyber attack had “no impact on any clinical research”. The Strubi lab is distinct from the Jenner Institute, which developed the Oxford University vaccine in conjunction with the pharmaceutical giant AstraZeneca. In the summer of 2020 the UK Government said it was “95 per cent” certain that Russia had attempted to hack into the Jenner Institute and steal its Covid-19 vaccine after an investigation by the NCSC and other intelligence agencies.

This latest breach was identified by Alex Holden, chief technology officer at Hold Security, said the screenshots appeared to show “interfaces” for possible lab equipment, with the ability to control pumps and pressure. 

Professor Alan Woodward, a cyber security expert at the University of Surrey, said: “With the current interest in molecular structures in Covid research one might speculate that it was someone searching for data about the virus or the vaccine. It’s difficult to see why they would want to sabotage research... As the attackers were selling access it suggests it was probably not a nation state but a group who thought nation states or those working on valuable intellectual property might pay for.”

The US, British and Canadian security services last year alleged that a hacking group believed to be operating as part of Russian intelligence services was targeting organisations involved in Covid-19 vaccine development. 

Digital espionage targeting health bodies, vaccine scientists and drug makers has surged during the COVID-19 pandemic. In December, US drug maker Pfizer Inc and its German partner BioNTech SE disclosed that documents related to development of their COVID-19 vaccine had been “unlawfully accessed” in a cyber attack on Europe’s medicines regulator.

NCSC:    Telegraph:        LiveMint:      LondonSouthEast:        Mirror:     Economic Times:      Reuters:     ITPro

You Might Also Read: 

North Korea Accused Of Pfizer Vaccine Hack:

 

 

« Webinar: Build a security posture strategy in the AWS Cloud
Cyber Security For The Internet of Medical Things »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Puppet

Puppet

Puppet is a leader in IT automation. Our software helps DevOps securely automate configuration and management of machines and the software running on them.

Advanced Systems International SAC

Advanced Systems International SAC

Advanced Systems international is a global company dedicated to data security software design, development, support, and licensing.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Private Internet Access

Private Internet Access

Private Internet Access is a Virtual Private Network services provider offering secure encrypted access to the internet.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

DFI

DFI

DFI is a global leading provider of high-performance computing technology across multiple embedded industries.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

SecureTech360

SecureTech360

SecureTech360 is a cybersecurity and IT consulting firm whose principals have extensive experience in Cybersecurity and Information Technology.

Cybaverse

Cybaverse

Cybaverse (formerly North Star Cyber Security) was founded to create the perfect blend of a Managed Security Service Provider (MSSP) and a Cyber Security Consultancy in one.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

Marlink

Marlink

Marlink smartly integrates hybrid, future-ready network solutions so you can benefit from the best available connectivity and IT to accelerate your digitalisation and empower your remote operations.

OSP Cyber Academy

OSP Cyber Academy

OSP Cyber Academy are a managed service provider of cyber, information security and data protection training.

Xact IT Solutions

Xact IT Solutions

Xact IT Solutions are a certified cybersecurity firm offering cybersecurity, compliance and managed services.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

Kusari

Kusari

Securing your software supply chain starts with understanding. Kusari is on a mission to bring transparency to your software supply chain and power secure development.

Lenze

Lenze

Lenze are an experienced partner for automation systems, digitalization and cyber security.