A spokesperson from the University has indeed confirmed the cyber attack at Oxford University’s COVID research Lab. Students studying molecular and biological science use Strubi’s labs (the lab targeted by the attackers), and the Oxford team had been researching the virus and evaluating vaccine candidates during the COVID-19 pandemic.
Although the lab in question is focused on basic science rather than clinical research, the systems accessed are thought to be machines that prepared biochemical samples for fundamental research. The University stated that no clinical research has been impacted because of the attack. The hackers behind the attack have not been identified yet.
The attack will now be investigated by the National Cyber Security Center (NCSC), a division of the Government Communications Headquarter (GCHQ).
An Oxford Spokesperson, while speaking to Forbes, confirmed the hack and also stated that he was particularly concerned about the breach due to the hackers’ ostensible ability to disable a pressure alarm from the interface. He further added, “with news about cybercriminals tamperig with water purity controls, other attacks against energy companies- this type of data in the hands of cybercriminals draws many concerns.”
Not the first one, Neither the Last
This is not the first cyber-attack which has been reported by a research lab involved in Covid-19 vaccine research. Interpol had warned of a wave of COVID-19 and flu vaccine-related cybercrime in late 2020. The global pandemic, according to the law enforcement agency, has “triggered unprecedented opportunistic and predatory criminal behavior.”
An attack on Oxford’s Jenner Institute, which developed a vaccine in collaboration with AstraZeneca, occurred last summer. Following another NCSC investigation, the government stated that it was “95 percent certain” that Russia had attempted to steal its COVID vaccine. Unfortunately, the European Medicines Agency (EMA) was also successfully attacked in December, and the hackers had then leaked stolen data relating to COVID-19 vaccines and medicines in January this year.
In India, a Chinese state-backed hacking group Stone Panda (AP10) had recently targeted the IT systems of two Indian vaccine manufacturers Bharat Biotech and Serum Institute of India (SII), whose coronavirus shots are being used in the country’s immunization campaign.