Iranian hackers have targeted high-ranking staff at the US drug firm Gilead Sciences Inc over the past several weeks, according to an exclusive report published Friday by Reuters, which reviewed publicly-available web archives, as did three Israeli cybersecurity researchers.
Gilead is the producer of Remdesivir, the medication which last week won emergency approval from the FDA as a treatment for COVID-19, the disease caused by the novel coronavirus, known officially as SARS-CoV-2.
In one case, a fake email login page designed to steal passwords was sent in April to a top Gilead executive involved in legal and corporate affairs, according to an archived version on a website used to scan for malicious web addresses. It was not possible to determine whether the attack was successful in that case, Reuters said.
Ohad Zaidenberg, lead intelligence researcher at Israeli cybersecurity firm ClearSky, closely tracks Iranian hacking activity and has investigated the attacks, and said the hackers were trying to compromise email accounts of staff at the company.
Two other cybersecurity researchers who were not authorized to speak publicly about their analysis, confirmed to Reuters the web domains and hosting servers used in the hacking attempts were linked to Iran.
A spokesman for Gilead declined to comment, citing a company policy not to discuss cybersecurity matters. It’s not clear whether any of the attempts were successful.
Iranian Hackers Also Targeted Israel
Israel’s security cabinet met this past Thursday in a top secret meeting to discuss an Iranian cyberattack on the country’s water and sewage facilities and infrastructure.
Iranian hackers routed the attack through servers located in the United States, according to an unnamed senior US official in the US Energy Department who spoke with Fox News.
Several Israeli Water Authority facilities were targeted but the attack was thwarted by the Authority’s cyber division.