Ohio-based DNA Diagnostics Center (DDC) recently reported that in August 2021, the company detected potential unauthorized access to its network, during which there was unauthorized access and acquisition of an archived database that contained personal information collected between 2004 and 2012. There are issues with security associated with life sciences data. We hit some very big ones here.

The National Cyber Security Centre (NCSC), a part of Government Communications Headquarters (GCHQ), was created in 2016 as part of the UK’s 5-year National Cyber Security Strategy.  Self-described as “the UK’s technical authority for cyber security,”  the NCSC has put out an annual review every year since its inception. In this year’s report,  “Annual Review 2021: Making the UK the safest place to live and work online”, the NCSC, as part of a national security agency, is unable to disclose all its work publicly, but seeks in the annual review “to describe the year with insights and facts from  colleagues inside and out of the organization.”

An advanced persistent threat (APT) group since March of 2021, has been exploiting Fortinet vulnerabilities and, since October 2021, a Microsoft Exchange ProxyShell vulnerability “to gain initial access to systems in advance of follow-on operations, which include deploying ransomware.” This joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC).

The Joint Cybersecurity Advisory was released this morning at approx. 11 AM EST.