Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Hackers targeted University of Oxford’s Covid vaccine research, cyber spies reveal

Attack could have significantly disrupted UK’s pandemic response, says NCSC

Jon Sharman
Wednesday 17 November 2021 10:30 GMT
Comments
About one-fifth of the breakthrough attacks dealt with by NCSC were in health or vaccine settings
About one-fifth of the breakthrough attacks dealt with by NCSC were in health or vaccine settings (REUTERS)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Hackers and state agents relentlessly targeted Britain’s health and Covid-19 vaccine production sectors over the past year, according to cyber spies.

The National Cyber Security Centre (NCSC), which is part of GCHQ, said it had shut down 442 phishing scams using NHS branding, plus 80 fake NHS apps. About 4.4 billion “potentially harmful interactions” were blocked.

In one incident government tech experts were forced to step in to defend the University of Oxford’s vaccine researchers from a ransomware attack that had “the potential to cause significant disruption to the UK’s pandemic response”, the NCSC revealed in its annual report published on Tuesday.

While criminal groups exploited the pandemic in other ways, hostile governments set their sights on vaccine and medical research over the last year, it is said.

Overall about one-fifth of the 777 breakthrough attacks the NCSC dealt with in the last 12 months were targeted at vaccine or other health organisations. This total was up from 723 in the previous 12 months.

The coronavirus pandemic also gave hackers the opportunity – or “surface area” – to target businesses more widely, thanks to the mass transition to remote work and associated use of third-party computing and cloud services.

Lindy Cameron, the spy agency’s chief executive, said: “One of the trends that the NCSC has seen over the last year was a worrying growth in criminal groups using ransomware to extort organisations.

“In my view it is now the most immediate cyber security threat to UK businesses and one that I think should be higher on the boardroom agenda.”

Ms Cameron warned last month the pandemic was likely to cast a “significant shadow” for many years when it came to cyber crime.

“Some groups may also seek to use this information to undermine public trust in government responses to the pandemic, and criminals are now regularly using Covid-themed attacks as a way of scamming the public,” she said.

In its annual report the NCSC singled out China as the biggest threat to Britain’s tech security.

Beijing is “a highly sophisticated actor in cyberspace with increasing ambition to project its influence beyond its borders and a proven interest in the UK’s commercial secrets”, the agency warned.

Russia also poses a direct threat, according to the NCSC, as well as an indirect one due to the country’s status as a haven for organised criminal gangs. Iran and North Korea are less technically adept but still dangerous, it added.

Two huge cyber attacks, one called SolarWinds and another targeting Microsoft Exchange, were among “the most serious global cyber incidents we’ve seen in recent years” and attributed to Russia and China respectively, said Sir Jeremy Fleming, the head of GCHQ.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in