July 20, 2020
Risk to COVID-19 Research
From: Joe Giffels, Associate Vice Provost for Research Administration and Integrity, and Rebekah Skiver Thompson, Associate Vice President and Chief Information Security Officer
On July 16, national security agencies in the U.S., the U.K., and Canada jointly issued an advisory describing Russian hackers’ attempts to illicitly acquire COVID-19 vaccine-related intellectual property. Beginning in February 2020, cyber criminals have increasingly targeted U.S. pharmaceutical, medical, and biological research facilities to acquire or manipulate sensitive information, particularly COVID-19 vaccine and treatment research. We want to take this opportunity to raise awareness of the risk to research information and what you can do to help protect it.
Though cyber criminals scan for and attempt to exploit computer system vulnerabilities, their primary focus is acquiring valid credentials in order to gain access to computer systems. Cyber criminals acquire valid credentials through phishing attacks, as well as searching databases of previously exposed credentials. Valid credentials may provide attackers with access to:
- Computers via remote desktop services.
- Email accounts and file shares.
- Internal networks via VPN access.
With this access, cyber criminals may:
- Commit economic espionage by copying intellectual property.
- Commit extortion by encrypting and ransoming research information.
- Commit fraud by posing as an individual through the use of their email account.
- Sabotage research by manipulating data.
What can you do?
- Create and maintain offline backups or copies of research information.
- Be alert for phishing: Watch for messages impersonating colleagues and think twice before entering your user ID and password on a website or opening a link or file attached to an email message.
- Configure and use two-factor authentication for access to accounts where available.
- Update account passwords if you currently use the same password for multiple accounts, especially if you’ve used your UW email address to establish those accounts. Use a unique password for each account.
- Use a password manager to make creating and managing unique passwords easier. Never re-use your UW NetID password for other accounts.
- Promptly install software and operating system updates.
- Install and use antivirus software. Sophos antivirus software is available to the UW community for personal and UW-owned computers. (Search for “Sophos” from the UW homepage.)
- Report suspicious or malicious activity to your IT staff and the Office of the Chief Information Security Officer (CISO) at ciso @ uw . edu (without spaces).
For more information on the above topics, review the resources listed in the “Hackers Target COVID-19 Research” post in the News & Alerts section on the Office of the CISO’s home page. (Search for “CISO” from the UW home page.)
Joe Giffels, Associate Vice Provost for Research Administration and Integrity
Rebekah Skiver Thompson, Associate Vice President and Chief Information Security Officer