Cyber Incident Victim: Dun & Bradstreet Malaysia

A significant cyber incident occurred at Oxford University's Division of Structural Biology, a renowned institution involved in researching the Covid-19 pandemic. The breach was detected and isolated by the university, which subsequently notified the National Cyber Security Center, a branch of the British intelligence agency GCHQ. The incident highlights the risks of cyber attacks on sensitive research institutions and the potential consequences of such breaches.

According to reports, the hackers gained access to machines used to prepare biochemical samples, including those used in Covid-19 research. The attackers were able to control pumps and pressure systems, raising concerns about the potential for sabotage. The breach also raised concerns about the theft of research data, which could have significant implications for the development of vaccines and treatments. The university confirmed that the affected systems did not contain any patient data, and there was no impact on patient confidentiality.

The hackers were described as highly sophisticated and financially motivated, with ties to government-backed hackers. They were known to sell stolen data to other groups, including nation-state-backed hackers. The attackers spoke Portuguese, and some of their other victims included Brazilian universities. The group was also known to use ransomware to extort some of their victims. The university's breach was not an isolated incident, as the hackers had also targeted other organizations, including the business analytics company Dun & Bradstreet Malaysia.

The incident was first reported by Forbes, which was alerted to the breach by Hold Security's chief technology officer, Alex Holden. Holden provided screenshots of the hackers' access to Oxford University's systems, which showed interfaces for lab equipment and Windows-based controls. The screenshots also included times and dates, indicating that the breach had continued until recently. The university confirmed that the hacked machines were used to purify and prepare biochemical samples, such as proteins, for fundamental research.

The breach has significant implications for the security of research institutions, particularly those involved in sensitive research such as Covid-19. The incident highlights the need for robust security measures to protect against cyber attacks. The university's swift response to the breach, including notification of the National Cyber Security Center, demonstrates the importance of incident response planning and collaboration with authorities.

The incident also raises concerns about the potential for cyber attacks to disrupt critical research. The Covid-19 pandemic has highlighted the importance of scientific research in responding to global health crises. Cyber attacks on research institutions could have significant consequences for the development of vaccines and treatments. The incident serves as a reminder of the need for research institutions to prioritize cybersecurity and take proactive measures to protect against cyber threats.

The investigation into the breach is ongoing, and the university is working with the National Cyber Security Center to fully understand the impact of the incident. The incident has been reported to the UK Information Commissioner's Office, which will assess the information provided. The university has confirmed that there has been no impact on clinical research, as the affected systems were not used for this purpose.

The breach has sparked concerns about the potential for cyber attacks on other research institutions. The incident highlights the need for increased awareness and vigilance among researchers and institutions. The university's experience serves as a reminder of the importance of prioritizing cybersecurity and taking proactive measures to protect against cyber threats. The incident has significant implications for the security of research institutions and the potential consequences of cyber attacks on sensitive research.