reports that suspected Russia-linked threat actors have been leveraging the new Tardigrade malware in attacks against large biomanufacturing firms.
The Bioeconomy Information Sharing and Analysis Center
initially identified the malware in a ransomware attack against an unspecified biomanufacturing facility this spring before observing it again in an attack against another facility last month.
"This thing is still evolving; it's still in motion. We're still learning more about this as time goes on, but because it was clear that spread was still active, this is an active threat, and a significant threat, we wanted to accelerate disclosure," said Ed Chung, who is the chief medical officer at BioBright, a member of BIO-ISAC.
BioBright researchers noted the challenges in detecting and removing the Tardigrade malware, which has been made personalized for biomanufacturing organizations.
"It won't run unless it's in a specific environment, which led us to believe that this is specifically made and targeted for biomanufacturing facilities or that kind of medical space," said BioBright Senior Digital Biosecurity Analyst Callie Churchwell.