Lessons to Learn from Attacks on COVID-19 Research

Lessons to Learn from Attacks on COVID-19 Research

With COVID-19 creating the challenges that it has for so many, there is little wonder that creating a vaccine is such a major focus. Unfortunately, hackers are aware of this focus, and how it makes the organizations conducting vaccine trials particularly vulnerable. Let’s examine this situation, and the lessons that all businesses can take away from it.

Cozy Bear

The National Cyber Security Centre, located in the UK, recently shared that a group has been attacking organizations involved with COVID-19 vaccine research. These claims have been verified by authorities in the United States and Canada.

Known as “APT29,” as well as “Cozy Bear” and “the Dukes”, the attackers level spear phishing attacks and make use of assorted exploits to gain access to their target’s systems. After this access has been obtained, malware known as WellMail or WellMess is released into the environment. Many experts are of the opinion that this is not the first time that APT29 has been active, either. The group is suspected of attacks against various organizations in healthcare, energy, and government, and is believed to be responsible for the 2016 hack of the Democratic National Committee.

In response to this, the CSC has been trying to work with software vendors to ensure that vulnerabilities are patched. If these patches aren’t applied, cybercriminals can find the means to exploit these vulnerabilities and cause problems.

A Spear Phishing Refresher

We’re no strangers to discussions about phishing, simply because it is one of today’s most prevalent threats to network security. Many phishing attacks are sent randomly to a large group of targets, but spear phishing is a different animal. Instead of trying to exploit a lot of people for little payout from each, spear phishing requires careful planning and execution of a highly targeted attack against one person. This person is often seen as the weakest link in an organization’s security by hackers.

With any luck, you won’t need to contend with phishing attacks from a major hacking group. That being said, it’s important that you and your team can identify a potential phishing attack and react appropriately. Here are a few basics to keep in mind:

  • Always check the details. Many phishing attacks will display some subtle issue, either in the email address it comes from or some other detail. Make sure you pay attention for some of these warning signs.
  • Proofread the message. Businesses want to put their best foot forward, so their correspondence is generally carefully edited before it’s sent out. If you receive a message with questionable spelling and grammar, exercise caution.
  • Reach out. If you’re unsure of whether a message is legitimate or not, reach out to the sender through another means to confirm it if you can.

For your business to avoid threats, being able to identify potential phishing attacks is only going to become more important. Find out how to train your team to spot them by reaching out to us. Call BNMC at 978-482-2020 to learn more.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, September 22 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Technology Best Practices Productivity Business Computing User Tips Privacy Email Cloud Network Security Microsoft Efficiency Business Hackers Hosted Solutions Software Computer Malware Data Workplace Tips Communication Google Small Business IT Services Hardware IT Support Mobile Devices Cloud Computing Smartphone Internet Tech Term Managed IT Services Data Recovery Android Users Backup Mobile Device Ransomware Innovation VoIP Phishing Windows Outsourced IT Smartphones Upgrade Saving Money Information Facebook Windows 10 Miscellaneous communications Data Backup Disaster Recovery Microsoft Office Server Cybersecurity Social Media Business Continuity Business Management Office 365 Network Browser Productivity Managed IT Services Internet of Things Quick Tips Data Management Windows 10 Passwords COVID-19 Gadgets Apps App Gmail Vulnerability Remote Monitoring Word Chrome Managed Service Provider Save Money Analytics Conferencing Mobile Office Artificial Intelligence Infrastructure Managed Service Money Encryption BYOD Router Settings Information Technology Employer-Employee Relationship Google Drive Company Culture Remote Work Paperless Office Tip of the week Virtual Reality Website Remote Workers Networking Government IT Support Access Control Collaboration VPN Applications WiFi Document Management Operating System Business Technology Virtual Private Network Display Bandwidth Content Filtering Robot Education Apple YouTube Avoiding Downtime Automation Storage Risk Management Antivirus Development Employee-Employer Relationship Unified Threat Management Office Tips HIPAA Hacker Data storage BDR Maintenance Firewall Spam Big Data Computers IT Management Data Security Server Management Bring Your Own Device Alert Social IT Touchscreen Compliance Business Intelligence LiFi Downtime Retail Hosted Solution Wireless Managed IT Marketing Humor Social Network Solid State Drive Administration Tablet Best Practice How To Training Regulations Mouse Vendor Management iOS Monitors Hard Disk Drive Going Green MSP Chromebook Augmented Reality Two-factor Authentication Managing Stress Managed IT Service Printing Managed Services End of Support Customer Relationship Management Scam Password Data loss Telephone Systems Break Fix Remote Computing Search desktop OneNote Laptop SaaS Data Breach The Internet of Things Wi-Fi Windows 7 Mobile Security Holiday Computing Software as a Service Virtualization Outlook Gamification Spyware Print Toner Legislation Myths Voice over Internet Protocol Dark Data Update Uninterrupted Power Supply Slack Hard Disk Drives Cooperation Service Level Agreement Computer Care IBM Content SharePoint Huawei Cybercrime Budget File Sharing RMM Messaging Microsoft Excel Hotspot Internet Exlporer Data Warehouse IT Technicians Optimization Politics Policy Entertainment Smart Technology Vendor Connectivity Typing Digital Signage Techology Work/Life Balance Current Events Identity Theft Statistics Shortcuts Mobile Management Modem FinTech Customer Service Monitoring Lenovo Solid State Drives Staff Leominster Office Samsung Holidays Corporate Profile Streaming Downloads Processor Health Private Cloud Banking Mail Merge Employee-Employer Relationships Blockchain Language Value Troubleshooting Unified Threat Management Business Analysis Mirgation Recycling Tech Support Automobile Procedure Shortcut Distributed Denial of Service Hybrid Cloud IoT Cryptocurrency G Suite Distribution VoIP IT solutions Bluetooth Security Cameras Comparison Profiles Cookies Halloween Google Docs Dell Firefox Spying Superfish National Security K-12 Schools Social Engineering Hacks Payment Card WannaCry Human Error Memory Social Networking Cabling Analysis Address Students Permissions Computing Infrastructure Professional Services Logistics User Error Virus Chatbots eWaste Websites Google Wallet Google Maps PCI DSS Patch Management Scalability Star Wars Twitter Bitcoin Specifications Utility Computing Nanotechnology Scary Stories Business Growth Updates Wearable Technology Network upgrade Safety Inventory Heating/Cooling Device Multi-Factor Security Reducing Cost Motherboard Cables Running Cable Legal Mixed Reality Alerts USB Asset Management Time Management LED Printer Threats Identity Continuity Unified Communications Drones Battery Migration Consulting Fraud Cost Management Buisness Windows 8 Smart Office Virtual Desktop Digital Payment Peripheral Laptops Black Friday Screen Reader Charging Sports Network Congestion PowerPoint Mobile Device Management Shadow IT Digital Servers Mobility Google Calendar Batteries Wires Deep Learning Meetings Disaster Emergency Licensing Dongle Memes Network Management Co-Managed IT Solar Files Dark Web Assessment Writing Work Management Cyber Monday Managed Services Provider Smart Tech Alt Codes Onboarding GDPR Mobile Computing Webcam Computer Repair Relocation Mobile Data Error How To Recovery Point of Sale Ben McDonald shares Travel Black Market Law Enforcement Supercomputer CrashOverride Notifications Staffing Electronic Medical Records Motion Sickness Printers Physical Security Administrator Taxes Upgrades Gadget IT Budget Emoji Web Server what was your? Crowdsourcing GPS IT Consultant Personal Information Botnet 3D Printing Cortana Cameras Tracking Cleaning Financial Machine Learning Processors Unsupported Software Regulation CCTV

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3