Hackers have compromised the biomedical systems of an Oxford University laboratory dedicated to studying COVID-19. Oxford University has confirmed the breach of its Division of Structural Biology, known as “Strubi,” but said that its clinical studies had not been compromised.
“We have identified and contained the problem and are now investigating further,” an Oxford University spokesperson told Forbes. “There has been no impact on any clinical research, as this is not conducted in the affected area. As is standard with such incidents, we have notified the National Cyber Security Center and are working with them.”
According to Forbes that first reported about the incident, it was alerted to the breach by Alex Holden, the chief technology officer of the cybersecurity company Hold Security, who provided screenshots indicating external access to the Strubi’s computer systems. The screenshots showed interfaces for what appeared to be possible lab equipment, with the ability to control pumps and pressure. Based on times and dates on the Windows-based controls, it is understood that the intrusion took place mid-February.
“The Oxford spokesperson confirmed the hacked machines were used to purify and prepare biochemical samples, such as proteins, that are made in the laboratory for fundamental research on them. Such samples have been used in the lab’s coronavirus research,” Forbes said.
The researcher believes that the attack against Oxford University was conducted by a financially-motivated hacker group, which is highly sophisticated and uses ransomware to extort its victims. The group previously had been observed selling stolen information from some of its victims to nation-state hackers. Holden did not disclose the name of the group allegedly responsible for this hack.
Earlier this month, reports emerged that North Korean hackers attempted to infiltrate the computer systems of the US pharmaceutical giant Pfizer in a search of information related to the development of a coronavirus vaccine and treatment technology. South Korea's spy agency said it found evidence of attempts to breach Pfizer’s computers, but did not share any details of the attacks.