UPDATED 23:27 EDT / NOVEMBER 23 2021

SECURITY

Tardigrade malware used to target biomanufacturing facilities

A previously unknown hacking group is claimed to be actively targeting biomanufacturing facilities in the U.S. using a new form of malware dubbed “Tardigrade.”

The claim was made this week by the Bioeconomy Information Sharing and Analysis Center. The first alleged attack using Tardigrade is said to have occurred in spring 2021, with a second attack in October.

BIO-ISAC describes the malware as having advanced characteristics and suggests that it’s the work of an advanced persistent threat group. Not surprisingly, they also suggest that the APT is likely a nation-state intelligence service.

Espionage is the main aim of Tardigrade, but the malware also causes other issues including network outages.

According to Wired, the attacks may be linked to COVID-19 research. Tardigrade’s functionality includes Trojan, keylogger and data theft capabilities, and it also establishes a backdoor into targeted systems.

There is some contention, however, as to the origins of the code behind Tardigrade. While BIO-ISAC suggests that it’s based on SmokeLoader, Bleeping Computer reported today that some security researchers claim that Tardigrade is a form of Cobalt Strike HTTP beacon and nothing remarkably new.

“The biomanufacturing industry along with other verticals are so far behind in cybersecurity, making them a prime target for bad actors,” George Gerchow, chief security officer of machine data analytics company Sumo Logic Inc., told SiliconANGLE. “Cyberattacks mostly happen to those that provide easy access or least path of resistance.”

“This is a blatant example of how attackers are focusing on human health during a time of high anxiety, and bioscience is an easy target,” Gerchow explained. “The industry is going to have to move quickly to put proper cyber security controls in place. It is going to be a huge mountain for them to climb as some of the companies in the industry have antiquated technology, lack the proper skill sets, and rely too much on legacy security tools.”

Saryu Nayyar, chief executive officer of security information and event management company Gurucul Solutions Pvt. Ltd., noted that “it’s almost lost in the shuffle as vaccine manufacturers race to develop and certify coronavirus vaccines and boosters, but these enterprises are also being hit with malware attacks designed to cripple manufacturing systems, steal intellectual property and install ransomware.”

Tardigrade, Nayyar added, “turns out to be highly sophisticated, adapting to its environment, escalating privileges and able to make decisions without a command and control server.”

Photo: Rebekah Smith/Flickr
