Protecting high-value research data from nation-state attackers

Recent nation-state campaigns to steal COVID-related research data underscores the threat to all research organizations. The best defense starts with knowing the enemy.

A laptop with a virtual overlay of abstract code and a binary skull.
Igor Kutyaev / Getty Images

Joint NCSC-DHS-CISA advisories and a warning from the FBI have recently highlighted activities of nation-state-backed groups targeting organizations focused on COVID-19 research. The goal is to obtain information for their domestic COVID-19 research efforts. 

Security leaders at research organizations need to better understand the motivations and methods of these attackers. That will allow them to better inform stakeholders of the risks, identify data likely to be targeted, and adjust their defenses appropriately.  

Protecting research data a necessity

Original research data attracts state-affiliated threat actors. “Our crown jewels in terms of data are high-value intellectual property,” said David Deighton, CISO at the University of Birmingham, while speaking at Cloud Security Expo in London earlier this year. “UK universities are being targeted, particularly over the last year or 18 months, by state-sponsored groups who have been trying to penetrate our environment and get access to that data.”

Despite that threat, education institutions in the UK haven’t been strong on security in recent years. A recent penetration testing study carried out by the Higher Education Policy Institute (HEPI) and Jisc found that its researchers were able to gain access to high-value data within two hours on every higher education network they tested. “We've been under-invested in IT and information security in this country for some time,” said Deighton.

To continue reading this article register now

22 cybersecurity myths organizations need to stop believing in 2022