Advisory: APT groups target healthcare and essential services

“Password spraying”. Just as nasty as “Muck spreading”. Read and inwardly digest….:

This is a joint advisory from the United Kingdom’s National Cyber Security Centre (NCSC) and the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA).

This advisory highlights ongoing activity by APT groups against organisations involved in both national and international COVID-19 responses. It describes some of the methods these actors are using to target organisations and provides mitigation advice.

The joint NCSC/CISA advisory from 8 April 2020 previously detailed the exploitation of the COVID-19 pandemic by cyber criminals and APT groups. This joint NCSC/CISA advisory provides an update to ongoing malicious cyber activity relating to coronavirus.

COVID-19 related targeting

APT actors are actively targeting organisations involved in both national and international COVID-19 responses. These organisations include healthcare bodies, pharmaceutical companies, academia, medical research organisations, and local government.

APT actors frequently target organisations in order to collect bulk personal information, intellectual property and intelligence that aligns with national priorities. The pandemic has likely raised additional requirements for APT actors to gather information related to COVID-19. For example, actors may seek to obtain intelligence on national and international healthcare policy or acquire sensitive data on COVID-19 related research.

You can read the full advisory by downloading the PDF below.

Original article here