The warnings come as the US, UK and Canada issued statements on Thursday accusing Russian intelligence of launching cyber attacks on companies working on COVID-19 projects.
Senior director of analysis at Mandiant Threat Intelligence, John Hultquist, said organisations were vulnerable to attacks by a range of nation states.
“The organisations developing vaccines and treatments for the virus are being heavily targeted by Russian, Iranian and Chinese actors seeking a leg-up on their own research. We’ve also seen significant COVID-related targeting of governments that began as early as January,” he said.
Australia has made global headlines in recent months for its progress in developing in a COVID-19 vaccine, most notably at the University of Queensland.
A spokeswoman for the university said the organisation has been vigilant about protecting research data.
“UQ takes cyber security very seriously, and has made significant investments in cyber security in recent years, including around research technology. There has not been any noticeable change in activity in recent months,” she said.
Executive director at cyber security training firm Institute of Data, Andrew Campbell, said concerns like the ones raised by overseas governments on Thursday were just “the tip of the iceberg”.
Data security is complicated by the fact that the many governments, biotechnology companies and manufacturers have staff working from home due to COVID-19 lockdowns. Global projects are therefore more vulnerable to being compromised by a single individual, Mr Campbell said.
“The way we need to approach this is that everyone needs to secure their own data. Take responsibility for your own backyard. Each government organisation has a massive duty of care here, and every corporation does too.”
Professor Seebeck said securing research data was a challenge because scientific inquiry naturally required research teams to be open and collaborative.
“Because good science depends on openness, contestability and review – the very things that may also place their security at risk –that will mean managing carefully accessibility to the data, techniques, people and, critically, focussing on the integrity of data and tools.”
Home Affairs Minister Peter Dutton was contacted for comment.
Emma is the small business reporter for The Age and Sydney Morning Herald based in Melbourne.