The following article was provided by University of Guelph News Services:
With Canada’s spy agency, CSIS, warning Canadian university researchers and pharmaceutical companies they are at increased risk of cyberattacks during the COVID-19 pandemic, the University of Guelph has an expert who can offer comment.
Prof. Ali Dehghantanha is the director of the Cyber Science Lab in U of G’s School of Computer Science.
He says the new threat that CSIS warns of comes from “advanced persistent threat” (APT) groups. These are networks of state-sponsored hackers whose aim is to gain access to critical computer networks to steal information.
“These are very well-funded hacking teams whose main goal is not to make money but to support their governments’ priorities,” he said.
APTs have typically targeted confidential government data or critical infrastructure, such as dams or oil and gas facilities. But since the pandemic, Dehghantanha said, there has been a significant shift in attacks toward pharmaceutical companies and university scientists conducting COVID-19-related research.
“They are particularly interested in research on new therapies or vaccines, to help their governments gain an advantage,” he said. “Their intention is to compromise the computer networks of these labs and steal their research.”
Other APTs are trying to target the supply chains of materials such as personal protective equipment to try to give their governments an advantage in the global procurement trade of these supplies.
Dehghantanha said others in the cybersecurity community have already been hearing reports of APT security breaches.
“We can see they are using the same tactics, techniques and procedures that APTs have used in the past, but they are now focused on research centres dealing in COVID research,” he said.
“Many of these research centres are not prepared for these attacks, because it is simply a completely different scale of attack.”