This post was originally published on this site
Jeremy Fleming, director of Government Communication Headquarters (GCHQ).
Vaccine development has become the latest target of cybercriminals.
More than a quarter of all cyber threats handled by the U.K.’s National Cyber Security Centre (NCSC) involved criminals and hostile states exploiting the pandemic, according to its latest report.
U.K. spies detected 723 incidents in the 12 months to end of Aug. 31, a 10% rise from 658 in the same period in 2019, the NCSC, a branch of the intelligence agency GCHQ, said in its annual review published on Tuesday.
Of these, around 200 were related to the coronavirus pandemic, highlighting the growing threat to the U.K.’s health-care sector amid the pandemic, with the agency identifying the National Health Service and vaccine research as a new cyber-espionage risk.
“The world changed in 2020 and so did the balance of threats we are seeing,” said Jeremy Fleming, GCHQ’s director.
“The expertise of the NCSC has been invaluable in keeping the country safe: enabling us to defend our democracy, counter high levels of malicious state and criminal activity, and protect against those who have tried to exploit the pandemic,” he added.
The report comes just days after U.S. federal agencies warned that the U.S. health-care system is facing an “increased and imminent” threat of cybercrime. In September, a ransomware attack hit hospital chain Universal Health Services UHS, +3.80%, which operates more than 250 hospitals, forcing doctors and nurses to rely on paper backup systems.
Read: FBI warns major ransomware attack threatens to hobble hospitals
The NCSC said the majority of incidents related to health were carried out by cybercriminals, and that it had disrupted 15,354 campaigns that used coronavirus themes as a “lure” to trick people into clicking on a link or opening an attachment containing malicious software.
Some involved fake shops selling personal protective equipment, testing kits and cures, and even sham key-worker badges designed to activate supermarket discounts.
The agency highlighted the emergence of more serious threats. In July, security officials revealed that Russian cyber actors, known as APT29, had been targeting organizations involved in coronavirus vaccine development. The NCSC assessed that APT29, also named “The Dukes” or “Cozy Bear,” almost certainly operated as part of Russian intelligence services. A Kremlin spokesperson has denied that Russia was involved in the attacks.
Read: Russia accused by U.S., U.K., Canada of hacking coronavirus vaccine trials
The NCSC said it had scanned more than one million NHS IP (internet protocol) addresses to look for vulnerabilities, and had shared 51,000 indicators of compromise. The agency added that it had worked with international allies to raise awareness of the threat of vaccine-research targeting.
“We actively redirected our efforts to defend the health sector and because it was such a priority, it rose to our second most supported sector this year,” said Eleanor Fairford, NCSC deputy director, incident management.
In April, the agency launched its Suspicious Email Reporting Service which allows the public to flag suspect emails which may link to fraudulent websites. The service received 2.3 million reports from the public in its first four months — resulting in thousands of malicious websites being taken down.