Blog

Coleman Technologies Blog

We can give your organization comprehensive IT services and 24/7/365 live support for a predictable monthly fee. Stop stressing about technology, and start focusing on growing your business.

COVID-19 Vaccine Attacks Teach an Important Cybersecurity Lesson

The Cozy Bear Threat

According to the National Cyber Security Centre, a government security organization based in the United Kingdom, a hacking group known as “APT29” (also referred to as “the Dukes” or “Cozy Bear”) has actively targeted the research centers conducting research into developing a COVID-19 vaccine. These claims have been supported by both the United States’ National Security Agency and Canada’s Communications Security Establishment.

In fact, the National Cyber Security Center released a report that outlined the attack that the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency also endorses.

This report describes the use of various exploits in conjunction with spear phishing attacks by APT29. Both tactics give APT29 access to carry out the rest of their attacks, which often involves deploying malware known as WellMess or WellMail.

On a side note, some of these exploits have been patched, so make sure you’re also up to date on your patches as well.

Many experts also share the opinion that Cozy Bear has struck before, and that the current threat needs to be taken very seriously as a result. It is believed that APT29 was responsible for the 2016 intrusion into the Democratic National Committee’s systems, as reported by CNN. The group has also been linked to assorted attacks on healthcare, energy, governmental and diplomatic organizations, and think tanks in the past.

What is Spear Phishing?

Phishing is a form of hacking that targets the end user, rather than using software vulnerabilities, to gain access to a system. Spear phishing is a more direct form of phishing. Instead of sending a generic message to massive groups of potential targets to see who takes the bait, spear phishing is specifically directed to an individual with access to key data and resources.

While APT29 may not target your organization as a part of these efforts to steal research, it is nevertheless critical that you and your team can recognize a potential phishing attack and mitigate it before it causes significant problems. While the following is by no means a comprehensive list of warning signs, it is a good place to start educating your team:

  • Always check the details. Many phishing attacks can be identified by close-but-no-cigar “From” addresses. When in doubt, try looking up the email address that sent an email.
  • Proofread the message. While legitimate messages can contain terrible spelling and grammar mistakes, and attackers can more and more effectively mimic professional communications, many phishing messages can be rife with errors.
  • Double-check. If possible, don’t be afraid to confirm that the email is legitimate by reaching out to the supposed sender (through some non-email form of communication) to confirm that they sent the message.

For more assistance in dealing with phishing attacks, reach out to us! At Coleman Technologies, we’re motivated to help prevent a phishing attack from impacting your operations. Give us a call at (604) 513-9428 to learn more.

×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

How to Set the Tone for Workplace Collaboration
How to Host a Hamilton Party Online
 

Comments

Already Registered? Login Here
No comments made yet. Be the first to submit a comment

Customer Login

News & Updates

When it comes to growth and advancement, small and medium-sized businesses (SMBs) in British Columbia have been effectively leveraging Coleman Technologies’ affordable enterprise-level IT practices and solutions since 1999. The proof: Coleman Technol...

Contact us

Learn more about what Coleman Technologies can do for your business.

Coleman Technologies Inc.
20178 96 Avenue, C400
Langley, British Columbia V1M 0B2

Operations Center
6600 Chase Oaks Blvd, Suite 100 Plano
TX 75023

 

2 year badge

Copyright Coleman Technologies. All Rights Reserved. Privacy Policy