UPDATED 21:42 EDT / FEBRUARY 28 2021


Oxford University lab studying COVID-19 targeted by cyberattack

A lab studying COVID-19 at the University of Oxford has been targeted by a cyberattack with at least some access gained to internal systems.

First reported Feb. 25 by Forbes, the attack on Oxford’s Division of Structural Biology is believed to have occurred around the middle of February. Officially Oxford University is describing it as an isolated incident, although Forbes noted that the hackers has been showing off access to a number of systems, including machines used to prepare biochemical samples.

“We have identified and contained the problem and are now investigating further,” an Oxford University spokesperson said. “There has been no impact on any clinical research, as this is not conducted in the affected area. As is standard with such incidents, we have notified the National Cyber Security Center and are working with them.”

Oxford, along with British-Swedish multinational pharmaceutical company AstraZeneca plc jointly offers the Oxford/AstraZeneca COVID-19 vaccine that is being actively used or is in the process of being rolled out to 136 countries.

This isn’t the first time a company or organization studying and producing COVID-19 vaccines has been targeted and/or data stolen. Data on the Pfizer-BioNTech COVID-19 vaccine stolen in December was subsequently published online by those behind the hack in January.

Hackers also leaked data stolen from a medical research company studying COVID-19 in March, while it was disclosed in November that North Korean hackers were targeting staff at AstraZeneca. And the U.S. Department of Treasury Financial Crimes Enforcement Network warned Dec. 29 that hackers were targeting vaccines and distribution with fraud, ransomware and other types of criminal activity.

“Criminals will go wherever they see value,” Jonathan Knudsen, senior security strategist at electronic design automation company Synopsys Inc.’s Software Integrity Group, told SiliconANGLE. “Right now, information about COVID vaccines is highly valuable, especially to nation-states hoping for strategic advantage. And what’s the easiest way to steal information? In many cases, it’s probably a software-based attack.”

Knudsen noted that scientists might not put cybersecurity front and center in their daily work, but it’s as important for them as it is for any other type of organization.

“The same fundamentals apply for any organization: identify assets, figure out what can go wrong and apply protection,” he said. “Basic cybersecurity training is essential for lab workers, just as basic safety training is essential for factory or warehouse workers. Recognizing the value of data and computing resources will put protection efforts into the proper perspective.”

Photo: Tejvan Pettinger/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy