Britain’s intelligence agents detected multiple cyberattacks on the country’s health infrastructure in spring, the head of the spy agency GCHQ has said, linking the attacks to attempts to steal government secrets about a COVID-19 vaccine.
GCHQ chief Jeremy Fleming said in a rare interview, released on Thursday and recorded on 18 May, that states and individuals are “going after things which are sensitive” to the UK.
“So, it’s a high priority for us to protect the health sector, particularly the race to acquire a vaccine," he added.
Fleming noted that the balance of what government assets are critical has changed, and the importance of Britian's health security and biosecurity is much greater than it was a few months ago.
“The steps we take to protect our health system, to protect our vaccine development, to protect those involved in delivering vital services… the importance of those tasks is changing. The reality is that others are interested in disturbing those and in stealing those secrets or in otherwise disrupting our efforts in those areas."
According to Fleming, hackers were often “looking for pretty basic vulnerabilities” and were using fishy links to “get people to click on the wrong thing, or will look for vulnerabilities where people aren’t backing up properly, or where they’ve got basic passwords and so on.”
Fleming did not specify which countries were thought to be behind the attacks, although he called China “an intelligence adversary” of Britain later on in the interview.
The Telegraph reports that it “understands”, without citing any sources, that Russia, China, and Iran are thought to be the focus of government efforts to tackle coronavirus-related cyberattacks.
Russia previously denied similar accusations, saying their aim was to “discredit its image in the global media arena.”
Britain’s cyber intelligence chief, who has been in office since 2017, warned that hackers had seen the COVID-19 pandemic as an “opportunity” to use fear among the public to scare or lure people into sharing personal information.
“We’ve seen them using COVID-related tactics as lures to try and defraud people, to mount their forms of criminality and cause people harm,” he added.
The National Cyber Security Centre, the GCHQ’s information security arm, reported an increase in coronavirus-related email scams in April. The agency said it received more than 25,000 alerts about suspicious emails within the first week of launching an email-flagging service.
In early May, just two weeks before Fleming’s interview was recorded, the UK and US issued a joint warning that cyber spies are targeting the health sector and are thought to be hunting for COVID-19 data and vaccine research. They said among the targets were national and global healthcare bodies, pharmaceutical companies, research organisations, and local governments. No data theft has been publicly reported so far.
