The Globe and Mail

When the federal government issued an alert in March saying that sophisticated hackers were targeting COVID-19 researchers in Canada, it did so without citing specific attacks or evidence.

Nevertheless, the security establishment and researchers alike are continuing to take the warning from the Canadian Centre for Cyber Security seriously – and for good reason.

Canada has a strong backbone in health research that is recognized around the world, says Christopher Parsons, senior research associate at the Citizen Lab at the Munk School of Global Affairs and Public Policy.

A number of efforts at finding a COVID-19 vaccine are also under way here, which makes Canada a particularly appealing target right now. Calgary-based biotech firm Providence Therapeutics Inc., for example, announced last week it is prepared to begin Phase 1 testing of a vaccine.

“There’s often a lack of appreciation within Canada that we are a very worthwhile target for adversaries,” Dr. Parsons says. “It really undersells what Canada is producing on a regular basis.”

The CCCS warning suggests that potential hackers could be backed by nation states. Dr. Parsons says such scenarios are likely, with different countries having their own reasons for wanting to steal Canadian data.

Countries operating under international trade sanctions could do it because it might be the only way they’ll acquire a vaccine. Other countries, meanwhile, may engage in theft to supplement their own research efforts and thereby improve their respective geopolitical positions.

“Whoever develops it first is going to have a lot of soft power in international relations,” Dr. Parsons says. “That could be very helpful for their global diplomatic efforts.”

A vaccine would also have tremendous economic value. A recent estimate by Barron’s suggests that at a price of US$30 a dose, a vaccine could be worth US$10-billion annually. Some analysts estimate the price could go as high as US$200 a vaccination. Either scenario would present a giant windfall to whichever country or pharmaceutical company develops one.

One method that hackers are likely to use in stealing research, Dr. Parsons says, is spear-phishing – or targeting researchers with e-mail messages that appear to be from trusted sources. As opposed to generic spam, such messages are personalized and the product of individualized research on the recipient by the sender.

Senders could trick receivers into clicking on malicious links or revealing sensitive information by appearing to be people they know or might know.

The best protection against spear-phishing, Dr. Parsons says, is for recipients to be aware of it and to verify sensitive requests by contacting senders through other means, such as phoning or texting them.

“When it’s done well, spear-phishing is very effective,” he says.

Philip Awadalla is aware of the CCCS alert and is actively heeding it. He is the national scientific director at the Canadian Partnership for Tomorrow’s Health (CanPath), a project that has been gathering and analyzing health data since 2008.

The organization has focused historically on cancer and genetics research but is also now working on COVID-19. Over the past month, CanPath has surveyed participants about symptoms, travels and other related subjects.

Aside from worrying that this research might get stolen, Dr. Awadalla is concerned that the 320,000 Canadians voluntarily providing CanPath with data could also be targeted. Individuals who are tricked through phishing attacks could then become distrustful of similar, legitimate communication attempts.

“What we don’t want to happen is if an external actor with [malicious intent] comes in and starts to exploit the goodwill of the Canadian population in capturing information,” he says. “We rely on that goodwill.”

Julia Zarb, director of the master of health informatics program at the University of Toronto, is also concerned about the potential erosion of goodwill. She’s part of Rapid Evidence Access Link, an online project that seeks to provide leaders and policy makers with fast answers to COVID-19 questions.

Ms. Zarb’s experience isn’t necessarily with nation-state-backed hackers, but rather with profit-motivated criminals who steal or lock up information, then extort people to get it back. These types are now using COVID-19 as their lures, she says. Ms. Zarb is concerned that hackers could find lists of people who have had the virus, for example, and then blackmail them.

“They find where the currency is in health care and think about how they can hold it hostage or profit off it,” she says.

Waterloo, Ont.-based OpenText, which makes information management software for businesses, says attackers have recently been targeting people who are now working from home as a result of the pandemic.

Since many remote workers don’t have their systems set up to limit how many times someone can unsuccessfully log in, hackers are launching what’s known as a brute-force attack, where a program rapidly guesses passwords until it succeeds. Such programs are becoming increasingly effective, according to Tyler Moffitt, a security analyst at OpenText.

“Where we’re at now is 15-character passwords can be guessed in 15 hours,” he says.

The obvious answer there, he adds, is for users to set limits on unsuccessful log-in attempts. On a higher level, organizations that are receiving new government grant money for COVID-19 research should also ensure they are investing proportionately in cybersecurity as they ramp up.

Wesley Wark, a visiting professor at the University of Ottawa’s Graduate School of Public and International Affairs, points out that generally lower security spending by Canadian organizations – especially small and medium enterprises – contributes to Canada’s appeal as a target for sophisticated hackers.

He also recommends increased spending on expertise to both prevent attacks and to deal with them when they happen, such as in cases in which attackers lock users out of their systems and hold their data for ransom.

“Institutions, no matter at what scale in the health sector, need to educate their work forces about prevalent forms of cyberattacks, including classic phishing efforts,” he says. “Get expert advice immediately if subject to ransomware attacks. Don’t try to handle it on your own.”
