Posted 2 years ago | by Ben Armstrong
Hackers Boost COVID-19 Data from Research Firm
The digital infrastructure of a firm which is researching COVID-19 has been infected by hacker group Maze. The group used ransomware to hold Hammersmith Medicines Research hostage, and then managed to steal and publish sensitive data.
Cybersecurity firm Emsisoft disclosed that UK-based medical firm Hammersmith Medicines Research (HMR) was compromised earlier this week. Data from the firm was published, including sensitive data on medical test volunteers. Personal documents like passports, medical background and details of the tests were made public by the hackers.
Brett Callow, who is the threat analyst at Emsisoft said:
“(The data) is on the clear web where it can be accessed by anybody with an internet connection...The criminals almost certainly haven’t published all the data that was stolen. Their modus operandi is to first name the companies they’ve hit on their website and, if that doesn’t convince them to pay, to publish a small of the amount of their data — which is the stage this incident appears to be at — as so-called ‘proofs.’”
COVID-19 is Everywhere
According to a ComputerWeekly report, HMR was able to recover their systems operational by the end of the day. While this is a seemingly positive outcome, it may not be the end of the story.
“Note that, since the ComputerWeekly report ran, the data stolen from HMR has been ‘temporarily removed’ from the criminals’ website...But here’s the problem. Other criminals download the data posted on these leak sites and use it for their own purposes.”
According to Callow, Maze had previously asked for about $1 million USD in Bitcoin for restoring access to the data and another $1 million USD in BTC to delete their copy and stop publishing it. Unfortunately, other hackers may have accessed the data, and may not be willing to stop distributing it.
Not Very Cool
COVID-19 is creating a global economic disaster. It is a shame that hackers aren't going after targets that would help the public understand how much they have been lied to by authorities, like governments, and major international organizations.
There are acceptable reasons to compromise secret data, but stealing peoples' IDs and then asking for BTC is a pretty sorry way to use hacking abilities. There is, no doubt, information that would allow the public to have a better picture of what COVID-19 is, and how it has been mishandled by powerful groups.
People need to know that COVID-19 was covered up since day one, but without a solid data trail, governments and major news organizations will continue to lead the general public into a false sense of hope and security.