Cybersecurity Warning on Targeting of COVID-19 Research Organizations

Yesterday, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) issued a public service announcement to raise awareness of attacks against institutions conducting COVID-19-related research.

The FBI is investigating attacks against US organizations originating from China that have been observed attempting to steal intellectual property and other sensitive data related to COVID-19 research.

As always, we need to remain vigilant. Below are some helpful tips to follow:

• Do not share your password with anyone, including your supervisor, colleague, or an ITS technician.
• Do not click on any links or open any attachments in an email that comes from someone you don't know or recognize.
• Report any suspicious emails to ITS by forwarding them as an attachment to spam@med.cornell.edu.
• Review these tips for recognizing phishing emails.
• If you notice any suspicious activity on your account, reach out to ITS immediately. If ITS notices any suspicious activity, we may reset your password as a precaution.
• Do not share research data with consumer systems that are outside of WCM control and are not covered by contractual agreements (e.g., Dropbox, Gmail, etc.).
• Ensure your personal computer is protected from malware by following these tips.

Thank you for your attention to these issues.