
Omdia view


According to an advisory from the UK’s National Cyber Security Centre (NCSC), the Canadian Communication Security Establishment (CSE), the US Department for Homeland Security (DHS) Cybersecurity Infrastructure Security Agency (CISA), and the US National Security Agency (NSA), the APT29 hacking group is actively targeting COVID-19 vaccine development. The APT29 group is also known as “the Dukes” and “Cozy Bear.” The UK’s NCSC states: “Throughout 2020, APT29 has targeted various organizations involved in COVID-19 vaccine development in Canada, the US, and the UK, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines.”

Organizations in all sectors should not be surprised that cyber-espionage is real, and every organization should protect the confidentiality, integrity, and availability of all data assets, and focus “super-protection” on the most valuable of these assets.

Data protection focuses on maintaining the confidentiality, integrity, and availability of information

The raison d’être—or reason for being—for cybersecurity is to protect the confidentiality, integrity, and availability of organizational information. The CIA triumvirate is at the center of building security controls within an organization.

Data is created and becomes information, going through the lifecycle of create, process, store, transmit, and destroy. Huge volumes of information are generated, and organizations must protect this information appropriately, wherever it might be stored—within or beyond organizational boundaries. Without even trying, an enterprise continually creates an ever-larger footprint of corporate data and information for which it is responsible.

Not all information needs to be protected in the same way. Over-protection is prohibitively expensive, and under-protection is prohibitively risky. As such, information needs to be classified, risk assessed, and protected appropriately. Some information is of high value to the organization and may be of even higher value to others—who might be individuals or another organization.

Cyber-espionage is real, and every organization should be prepared

Cyber-espionage is not a threat aimed solely at huge enterprises. Many organizations have information that is of value to competitors, and malicious actors will stop at almost nothing to get hold of that information. Back in 2012, the UK manufacturer Dyson accused Bosch of placing an insider in the organization to steal secrets. Verizon’s 2020 Data Breach Investigations Report (DBIR) notes that, in manufacturing, cyber-espionage accounted for 27% of breaches, and makes the highly apt comment that it is faster and cheaper to steal something than it is to design it yourself.

The same applies to a vaccine for COVID-19. The race has been on for some time to get a working vaccine, as economies and individuals are suffering significantly from the effects of trying to control the spread of the virus. Organizations working on a vaccine will treat this data and information as crown jewels that they don’t want anyone, or anything, to steal or compromise. If data can be stolen, then it is possible that it can also be corrupted, undermining the integrity of the information. No one would want a vaccine based on potentially corrupt information.

Protect your crown-jewel information appropriately

Organizations in all sectors, not only pharmaceutical or manufacturing, must identify their information “crown jewels” and apply appropriate protection. Organizations typically classify their information assets into various categories to apply appropriate security controls to focus on protecting the confidentiality, integrity, and availability of information (see Figure 1).

Figure 1: Identify “crown jewels” information to apply appropriate protection

However, “highly sensitive” information can be further broken down into classification categories to break out the crown jewels (e.g., blueprints for a new product or insights into drug development). As these super-sensitive data assets are identified, super-strength protection must be applied to protect the CIA triumvirate of information. As always, people and process work alongside technology to build these security controls, and everyone must work together to protect this information from unscrupulous competitors and nation states.



Maxine Holt, Senior Research Director, Cybersecurity
