Oxford University Covid-19 laboratory hacked by cyber gang
An Oxford University biology laboratory researching Covid-19 has been hacked by a cyber gang amid fears they are trying to sell secrets to the highest bidder.
The cyber attack is now being investigated by the National Cyber Security Centre (NCSC), the cyber security arm of GCHQ. The intelligence agency confirmed it was “aware of an incident at Oxford University” and was attempting to “fully understand its impact”.
Security sources said it was unclear who was behind the attack and could not rule out a hostile foreign state at this stage.
The hack occurred at the Division of Structural Biology - known as Strubi - which has been carrying out research into Covid-19. The NCSC said it had been informed by Oxford that the cyber attack had “no impact on any clinical research”.
The Strubi lab is distinct from the Jenner Institute, which developed the Oxford Universiry vaccine in conjunction with the pharmaceutical giant AstraZeneca. In the summer, the UK Government said it was “95 per cent” certain that Russia had attempted to hack into the Jenner Institute and steal its Covid-19 vaccine after an investigation by the NCSC and other intelligence agencies.
In a statement Oxford University confirmed Strubi had been subject to a hack. A spokesman said: “We have identified and contained the problem and are now investigating further. There has been no impact on any clinical research, as this is not conducted in the affected area. As is standard with such incidents, we have notified the National Cyber Security Centre and are working with them.”
Strubi’s founder and director is Professor Sir David Stuart, who was knighted in the New Year. Sir David is leading what Oxford called a “huge collaborative effort” to study the protein structures of Covid-19.
The breach in the lab’s cyber defences appears to have taken place in mid-February. A cyber security company told Forbes magazine it had been alerted to the hack after seeing screenshots of the hackers’ access to Oxford’s computer systems. The screenshots were time stamped February 13 and february 14.
Alex Holden, chief technology officer at Hold Security, said the screenshots appeared to show “interfaces” for possible lab equipment, with the ability to control pumps and pressure. The machines are used to purify and prepare biochemical samples, such as proteins, reported Forbes, and that such samples had been used in coronavirus research.
Professor Alan Woodward, a cybersecurity expert at the University of Surrey, told Forbes: “With the current interest in molecular structures in Covid research one might speculate that it was someone searching for data about the virus or the vaccine. It’s difficult to see why they would want to sabotage research.
“As the attackers were selling access it suggests it was probably not a nation state but a group who thought nation states or those working on valuable intellectual property might pay for.”