Highlights:
- Threat actors attack 10x Genomics, a biotech research firm, amid its tireless efforts on COVID-19 treatments.
- 10x Genomics isolated the source and returned to business immediately. The company is of the opinion that the data breach will not affect its future operations.
Threat actors have been successful in targeting and infecting 10x Genomics, a California-based biotech research firm, in March. This firm has been tirelessly working toward gaining insights into COVID-19 as per the US Securities and Exchange Commission.
The biotech firm is working as a part of an international alliance and sequencing cells from COVID-19 infected patients who have recovered. The firm is undertaking this task to fuel and support the research and breakthrough for potential treatments to the deadly pandemic.
The ransomware attack on this business involved theft of sensitive information. However, 10x Genomics could separate the source of the attack and return to normal business operations without having an impact on the firm’s ability to access data.
More about the ransomware attack
The REvil or Sodinokibi ransomware group has taken ownership of the attack and claim that they were successfully able to get around 1 TB of data from 10x Genomics. It has also posted some amount of this stolen data. The human-operated ransomware campaign by the hacking group is known to have begun in the health and health IT sector in late 2019.
The hacking tactics
The hacking group scans the internet looking for susceptible systems and then typically leverages the updater feature of Virtual Private Network (VPN) clients and deploys the malware payload.
The investigation front
Currently, 10x Genomics is co-ordinating with a third-party investigation team and law and enforcement officials to examine the criminal activity.
As per the SEC filing, 10x Genomics is not of the opinion that data breach will have an impact on its future operations.
As per reports, this is the second research firm hit by a ransomware attack amid the COVID-19 pandemic in the past one month. The infamous Maze ransomware also has been successful in stealing sensitive data from the UK-based research team, Hammersmith Medicines Research, that was on standby for the development of the COVID-19 vaccine.