Michael Buchanan and Andrew Willinger of Patterson Belknap have a post about ransomware attacks on entities involved in COVID-19 research or work on vaccines for it.
In their piece, they point to a number of attacks that have been previously covered on this blog, starting with the Maze team attack on Hammersmith Medicines Research in March.
You can read their article on the firm’s Data Security Law Blog, but I do have one question: is there any evidence that these various threat actors actually targeted these entities because of their involvement with COVID-19? Or did these victims just get hit and then during reconnaissance, the attackers discovered something that enabled them to up their ransom demands? I’m not suggesting that threat actors haven’t or aren’t looking for such targets, but is there any actual evidence that the cases they cite were planned attacks based on COVID-19 involvement?