• For Enquiry
  • 847-868-9253
  • 847-868-9208
  • Home
  • Why Choose CIO Landing?
    • Our Team
    • Success Stories
    • ‘8 Things’ We Do Better
    • Partners & Certifications
    • Our Services
  • Industry Expertise
    • Manufacturing
    • Medical
    • Education
    • Financial Services
    • Non-Profit
    • Law Firms
  • IT Solutions
    • Co-Managed Service
    • Managed IT Services
    • IT Support
      • On Demand Services
      • Office Moves & Wiring
      • Security
    • Server Management
    • Backup & Disaster Recovery
    • Cloud Services
    • CIO & IT Consulting
    • Cybersecurity Services
    • VoIP
    • Managed Firewall
    • Microsoft 365
      • Microsoft 365 Plans
        • Small Business
        • Enterprise
        • Education
    • Hardware & Software Sales
    • Email & Spam Protection
  • Resources
    • Free Copy Of New Book
    • Blog
    • Newsletter
    • Video Tips
      • Video Tips Archive
    • Free Cloud Report
    • IT Buyers Guide
    • Cybersecurity Crisis Report
    • Network Audit
    • COVID 19 Resources
    • In The NEWS
    • Online Training
  • About Us
    • Our Mission
    • Leadership
    • Teams
    • Referral Program
    • Press Releases
      • CIO Landing: More Than Just an IT
      • Small businesses can have an IT department too
      • CIO Landing, Inc. has joined forces with Banc Certified Merchant Services (BCMS).
    • Affiliations
    • Careers
      • Job Descriptions
    • FAQs
    • Causes We Support
    • Privacy Policy
    • Terms & Conditions
  • Locations
    • Northfield, IL
    • Northbrook, IL
    • Chicago, IL
    • Miami, FL
  • Support
✕
Android Users Beware Of BlackRock Malware Credential Stealer
July 29, 2020
G-Suite Users Get New Security Features
July 31, 2020

Covid-19 Researchers Come Under Attack By Hackers

July 30, 2020

A number of prominent hacking groups made a gentleman’s agreement with research labs that are attempting to develop a vaccine for the deadly COVID-19 virus currently ravaging the planet.

The agreement was promising that no attacks against research facilities would be made. Unfortunately, not everyone is playing by those rules.

Recently, intelligence agencies in the US and Europe as well as security researchers around the world have spotted evidence. They found that Russian hackers believed to have ties to the Russian government, have begun attacking R&D centers that are actively working on a cure for the virus.

The attacks have been attributed to APT29, which is also referred to variously as The Dukes, Yttrium, or Cozy Bear. This group’s normal targets are government installations, think tanks, energy companies, diplomatic corporations around the world, and healthcare organizations.

The National Cyber Security Centre (NCSC), out of the UK, recently published a security advisory that reads, in part, as follows:

“Throughout 2020, APT29 has targeted various organisations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines.”

The advisory goes on to detail that APT29 is initiating these attacks with spear phishing.

APT29 is also exploiting several known security vulnerabilities, including those found in:

  • Citrix (CVE-2019-19781)
  • Pulse Secure (CVE-2019-11510)
  • Fortigate (CVE-2019-13379)
  • Zimbra Collaboration Suite (CVE-2019-9670)

The frustrating thing about this is that patches for all of the security flaws listed above already exist. It’s just that too often, the IT professionals working in R&D organizations have been slow to apply them, leaving research stations around the world vulnerable at a time when they’re conducting critical research that could stop the global pandemic in its tracks.

Once APT29 gains a foothold on a targeted network, they install a pair of custom malware applications called ‘WellMess’ and ‘WellMail,’ both written in Golang. If your firm is in any way connected to ongoing COVID-19 research efforts, stay on the alert for this one. It’s a serious threat indeed, and the attack is coming from one of the most dangerous groups of hackers on the planet.

Share
17
taylor
taylor

Related posts

March 10, 2025

The Hidden Threat: How Gift Card Scams Are Targeting Businesses Like Yours

Read more
February 11, 2025

CIO Landing Named to CRN’s MSP 500 List for 2025—For the Third Year in a Row!

Read more
December 4, 2024

Unlocking the Power of Windows 11: Tips for Maximum Productivity

Read more
© 2025 All Rights Reserved | Powered by CIO Landing