A federal intelligence agency is telling Canada’s COVID-19 researchers to lock down their data because sophisticated hackers are out to “steal ongoing key research toward a vaccine.”

This warning from the domestic data-security arm of Communications Security Establishment (CSE), comes as global scientists are working together to get the pandemic under control.

While many scientists are team players working together toward a common goal, unspecified entities – possibly nation states – are seeking any advantage that comes with being the first to figure out a remedy.

Story continues below advertisement

The CSE posted an online notice about the hacking threat this week, and is also e-mailing the warnings directly to dozens of COVID-19 researchers.

“Sophisticated threat actors may choose to target Canadian organizations involved in supporting Canada’s response to the pandemic including organizations within the medical community,” reads an online statement posted by the CSE subunit known as the Canadian Centre for Cyber Security.

“These actors may attempt to gain intelligence on COVID-19 response efforts and potential political responses to the crisis or to steal ongoing key research toward a vaccine or other medical remedies.”

Security experts are also warning that hackers, spammers and fraudsters are counting on concerns about the pandemic to induce people to click on unsolicited emails containing computer viruses. Such threats are particularly potent these days, because social-distancing measures mean more people are working from their homes, where their data can be less protected compared to their offices.

“Criminals are launching phishing attacks against all sectors using the coronavirus as the lure,” says Bob Gordon, a former CSE official who now works to help keep corporations apprised of security threats.

But the CSE’s language about “sophisticated” threats is also significant. In previous reports,the agency has said that nation states “are usually the most sophisticated threat actors, with dedicated resources and personnel, and extensive planning and co-ordination.”

These data breaches can be so damaging and lasting that they may impair relations between countries. For example, in 2014, Prime Minister Stephen Harper’s Conservative government made a point of publicly blaming a “highly sophisticated Chinese state-sponsored actor” for doing years of damage by hacking the federal National Research Council.

Story continues below advertisement

This month, a committee of Parliamentarians highlighted how another federal intelligence agency believes that Canadian campuses are being targeted by outside entities.

“Certain foreign intelligence services and government officials (especially those of China and Russia) are also involved in the monitoring and/or coercion of students, faculty and other university officials,” said David Vigneault, director of the Canadian Security Intelligence Service. He added that “universities can also be used as venues for ‘talent-spotting’ and intelligence collection.”

The report, released last week by the national-security and intelligence committee of Parliamentarians, said Mr. Vigneault made the remarks in April, 2018, in a speech to the U15 Group of Canadian Research Universities, an umbrella group for Canada’s most research-intensive universities.

This week, U15 relayed CSE’s hacker-threat warnings to university researchers investigating COVID-19. “We took that message and we passed it on to our institutions,” said GIlles Patry, the group’s executive director.

One of the recipients was Gary Kobinger, a Laval University research scientist who has previously helped develop a vaccine for Ebola.

“For us, this doesn’t change much,” said Dr. Kobinger, who says he is optimistic that unfettered global collaboration can lead to a COVID-19 vaccine being discovered within a year. “We’re collaborating with people. But we want to collaborate with the right crowd – with academia, with WHO [the World Health Organization], with government.”

Story continues below advertisement

But he added that researchers who work “for the greater good” also need to ensure that their data doesn’t fall into the wrong hands. “Where I get more careful,” he said, “is to control the information we are communicating to for-profit companies that could slow our work by putting, for example, IP [intellectual property] claims on discoveries that are made.”

He stressed that finding a vaccine is not a race to the finish line – “it’s not about being first” – but that said, whoever makes the first batch will inevitably have a say in who initially gets the vaccine.

“No matter what, at the beginning, the demand will be higher than what’s available,” Dr. Kobinger said. “And of course, if the vaccine is from Country X, then Country X will supply their own citizens first.”

With a report from Michelle Carbert

Our Morning Update and Evening Update newsletters are written by Globe editors, giving you a concise summary of the day’s most important headlines. Sign up today.

Source link

Leave a Reply

National Cyber Security Consulting App







National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.