A Message Regarding COVID-19 (Coronavirus) | Find Out More 

Your IT Support Experts

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.


About Us

IT Services


Low Voltage


Blog & News

Contact Us


Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

Don’t wait any longer. Get started today!

Global Tech Solutions Blog

COVID-19 Vaccine Attacks Teach an Important Cybersecurity Lesson

COVID-19 Vaccine Attacks Teach an Important Cybersecurity Lesson

Since the outbreak of the COVID-19 coronavirus has wreaked havoc across the globe, there has been a lot of hope and effort put towards developing a vaccine against it. Unfortunately, just as some experiments have produced promising results, hackers have begun targeting the research centers responsible. Let’s look at this situation to see what it can teach us.

The Cozy Bear Threat

According to the National Cyber Security Centre, a government security organization based in the United Kingdom, a hacking group known as “APT29” (also referred to as “the Dukes” or “Cozy Bear”) has actively targeted the research centers conducting research into developing a COVID-19 vaccine. These claims have been supported by both the United States’ National Security Agency and Canada’s Communications Security Establishment.

In fact, the National Cyber Security Center released a report that outlined the attack that the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency also endorses.

This report describes the use of various exploits in conjunction with spear phishing attacks by APT29. Both tactics give APT29 access to carry out the rest of their attacks, which often involves deploying malware known as WellMess or WellMail.

On a side note, some of these exploits have been patched, so make sure you’re also up to date on your patches as well.

Many experts also share the opinion that Cozy Bear has struck before, and that the current threat needs to be taken very seriously as a result. It is believed that APT29 was responsible for the 2016 intrusion into the Democratic National Committee’s systems, as reported by CNN. The group has also been linked to assorted attacks on healthcare, energy, governmental and diplomatic organizations, and think tanks in the past.

What is Spear Phishing?

Phishing is a form of hacking that targets the end user, rather than using software vulnerabilities, to gain access to a system. Spear phishing is a more direct form of phishing. Instead of sending a generic message to massive groups of potential targets to see who takes the bait, spear phishing is specifically directed to an individual with access to key data and resources.

While APT29 may not target your organization as a part of these efforts to steal research, it is nevertheless critical that you and your team can recognize a potential phishing attack and mitigate it before it causes significant problems. While the following is by no means a comprehensive list of warning signs, it is a good place to start educating your team:

  • Always check the details. Many phishing attacks can be identified by close-but-no-cigar “From” addresses. When in doubt, try looking up the email address that sent an email.
  • Proofread the message. While legitimate messages can contain terrible spelling and grammar mistakes, and attackers can more and more effectively mimic professional communications, many phishing messages can be rife with errors.
  • Double-check. If possible, don’t be afraid to confirm that the email is legitimate by reaching out to the supposed sender (through some non-email form of communication) to confirm that they sent the message.

For more assistance in dealing with phishing attacks, reach out to us! At Global Tech Solutions, we’re motivated to help prevent a phishing attack from impacting your operations. Give us a call at (800) 484-0195 to learn more.

How to Set the Tone for Workplace Collaboration
How to Host a Hamilton Party Online


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, September 29, 2020

Captcha Image

Customer Login

Latest Blog

As the pandemic enters its third quarter, many places have the spread of the COVID-19 virus under control and are starting to open up offices and other workplaces. Ultimately, it is the business owners’ and managers’ decision whether or not...

Contact Us

National Managed Service Provider

Toll Free: (800) 484-0195

Download our Playbook