Recent reports revealed that Gilead Sciences, one of the frontrunners in the race to provide a treatment for COVID-19, was targeted by repeated attempts at cyberattacks carried out by Iranian hackers.
The Iranian cyberattacks were uncovered by ClearSky, an Israeli firm. Ohad Zaidenberg, lead intelligence researcher at ClearSky, told Reuters that the attempt was part of an effort by an Iranian group to compromise email accounts of staff at the company using messages that impersonated journalists.
The web domains and servers used by the hacking group were linked to Iran, but it wasn’t clear what the hackers’ motives were, or if they had any connections to Iran’s government. The Iranian hacking group, called “Charming Kitten,” usually focuses on hacking journalists and human rights groups, ClearSky’s Ohad Zaidenberg told Ynet.
“Last week we discovered that they are acting against the infrastructure of the American research institute Gilead, and we determined that they are trying to hurt other research bodies that are dealing with coronavirus, including in Israel,” Zaidenberg said.
“They went back to being very active last week. In Israel, they operate at a high intensity, trying to steal [personal] details and anything else that allows them to take control of an email address to use it for all kinds of purposes,” he said.
It is still not known whether the attempts at hacking, which also targeted the staff, were successful.
Iran’s mission to the United Nations denied any involvement in the attacks.
“The Iranian government does not engage in cyber warfare,” said spokesman Alireza Miryousefi. “Cyber activities Iran engages in are purely defensive and to protect against further attacks on Iranian infrastructure.”
On May 5, the U.K.’s National Cyber Security Centre and the U.S. Department of Homeland Security updated their joint April 8 warning to hospitals and other medical institutions, saying hackers “may seek to obtain intelligence on national and international health care policy or acquire sensitive data on COVID-19 related research.”
Reuters reported last month that hackers linked to Iran had attempted to break into the emails of staff working at the World Health Organization.
Gilead produces Remdesivir which is currently being tested as an intravenous treatment for COVID-19, and has been authorized for emergency use in the U.S. and approved for use in Japan for people with severe symptoms. Remdesivir was originally developed to treat the Ebola virus disease and Marburg virus disease but was ineffective for these viral infections.
Earlier this week, Breaking Israel News revealed that Iran was behind a cyber-attack on Israel’s water and sewage infrastructure.