Securing Your Assets Against Cybersecurity Threats

According to the U.K.’s National Cyber Security Centre (NCSC) July 2020 advisory, hackers are using phishing tools and spear-phishing tactics in an attempt to steal coronavirus (COVID-19) vaccine data and intellectual property assets from a number of medical research companies

In the combined effort with the NCSC, the U.S.’s Department of Homeland Security - Cybersecurity and Infrastructure Security Agency (DHS-CISA) and the National Security Agency (NSA), and Canada’s Communications Security Establishment (CSE) have accused a Russian intelligence group, APT29 a.k.a. “Cozy Bear” of initializing the hack. The fraudulent emails and other malware tools (“WellMess” and “WellMail”) that APT29 have used for the hack are often rife with trojans and extraction tools that can steal information without one’s permission. Currently, these counter-intelligence groups who utilize these mechanisms are targeting the pharmaceutical organizations that conduct and store research for COVID-19 vaccine trials.

While these allegations have been vehemently denied by the accused and no information has been hindered by the attempt, the hacking threat on information remains a high possibility. Other hacker groups who feel emboldened by this event can target your company’s information in the same manner. For more information on combating phishing tactics and securing your information, take a look at “Ways to Mitigate Social Engineering-based Cyber Attacks” and “Strategies to Combat the Rise of APTs.”

Organizations and federal agencies should always be aware of the hacking threats that exist in the cybersecurity space. Noted in the NCSC advisory, phishing and spear-phishing are two common ways that APT groups gain information unbeknownst to the organizations. Definitions are as follows:

• Phishing is the fraudulent practice of sending emails claiming to be from reputable companies to persuade individuals to reveal personal information, such as passwords and credit card numbers

• Spear-phishing is a targeted phishing tactic used to steal sensitive information such as account credentials or financial information from a specific person or organization, often for malicious reasons

Security is a top priority for businesses and government agencies. All organizations should have effective solutions that help protect the company’s assets from exploitation by APT Groups. The following methods identify vulnerabilities, detect potential threats, and successfully protect organizations’ information assets:

• Cyber Security Assessment: A cybersecurity assessment analyzes an organization’s cybersecurity controls and their ability to remediate vulnerabilities, which allows the organization to gain a high-level analysis of the network’s weaknesses so security teams can begin implementing security controls correspondingly.

• Vulnerability Assessmentt: Regular assessments of the resiliency of networks and devices that protect, process, store and transmit information are critical. It is also important to identify security issues that might compromise the organization’s information, systems, or devices to determine the weaknesses of your information systems.

• Penetration Testing: Penetration Testing is a real-life testing of an organization’s applications, systems, and devices to identify vulnerable Internet Protocol (IP) access points and determine where resilience to internal and external attacks and breaches are weak..

• Application Security Assessmentnt: Application security assessments help organizations determine whether their off-the-shelf or custom application software contains vulnerabilities that can be exploited. This consists of evaluating applications to minimize the risk of information leakage, authentication and session management breaches, spoofing, impersonation, command injections and denial of service attacks. The application security assessment also determines whether the software behaves and interacts securely with its users, databases, and other applications.

The fight against APTs, and other cybercrime is a continuous effort. Organizations need to become more aware of the nature of these attacks and the available technologies that can help to combat these attacks. There is no doubt that APT attacks and other cybercrimes continue to evolve, and the defense strategies adopted and implemented by organizations should too. A top-down approach is essential for effectiveness, longevity, and agility in this fight.

Need the assistance with Cybersecurity Assessment, Vulnerability and Penetration Testing? Connect with our experts today.

[1] https://www.ncsc.gov.uk/files/Advisory-APT29-targets-COVID-19-vaccine-development.pdf

[2] https://blog.wilsoncgrp.com/ways-to-mitigate-social-engineering-based-cyber-attacks/

[3] https://blog.wilsoncgrp.com/strategies-to-combat-the-rise-of-advanced-persistent-threats-apts/

[4] https://www.reuters.com/article/us-health-coronavirus-cyber/russia-trying-to-hack-and-steal-covid-19-vaccine-data-says-britain-idUSKCN24H236

[5] https://www.bbc.com/news/technology-53429506

[6] https://www.cnbc.com/2020/07/16/us-uk-and-canada-say-russia-trying-to-steal-coronavirus-vaccine-data.html

[7] https://www.nytimes.com/2020/07/16/us/politics/vaccine-hacking-russia.html?smid=ig-nytimes&utm_source=curalate_like2buy&utm_medium=curalate_like2buy_3euQ1BMQ__50301ae5-7c64-4969-a0aa-64c37e6e8adf&crl8_id=50301ae5-7c64-4969-a0aa-64c37e6e8adf