| Recurring |
one_organization, multiple_organization |
(a) The software failure incident having happened again at one_organization:
The incident involving hackers linked to Iran targeting staff at Gilead Sciences Inc is an example of a software failure incident happening again within the same organization. This incident involved a fake email login page designed to steal passwords being sent to a top Gilead executive, indicating a cybersecurity breach attempt [99817, 99978].
(b) The software failure incident having happened again at multiple_organization:
The articles mention that hackers with links to Iran and other groups have attempted to break into the World Health Organization, and attackers linked to Vietnam targeted the Chinese government over its handling of the coronavirus outbreak. This indicates that similar software failure incidents have occurred at multiple organizations in the context of cyber espionage related to COVID-19 [99817, 99978]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase is evident in the hacking attempts targeting staff at Gilead Sciences Inc. The hackers, linked to Iran, attempted to compromise email accounts of Gilead staff by sending fake email login pages designed to steal passwords. This design failure was part of an effort by an Iranian group to gain unauthorized access to sensitive information related to COVID-19 treatments being developed by Gilead [99817, 99978].
(b) The software failure incident related to the operation phase is seen in the attempted cyberattacks on Gilead Sciences Inc. The hackers targeted the operation of the company's email system by sending phishing emails to staff members, attempting to trick them into revealing their login credentials. This operation failure could have led to unauthorized access to critical information and compromised the security of the company's systems [99817, 99978]. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) The software failure incident reported in the articles is primarily categorized as within_system. The incident involved hackers linked to Iran targeting staff at Gilead Sciences Inc by sending a fake email login page designed to steal passwords to a top executive at the company [99817, 99978]. This attack was part of an effort by an Iranian group to compromise email accounts of staff at the company using messages that impersonated journalists [99817, 99978]. The attempt to compromise the Gilead executive's email account was conducted using hacking infrastructure previously used in cyberattacks by a group of suspected Iranian hackers known as "Charming Kitten" [99817, 99978].
(b) Additionally, the incident can also be considered as outside_system since the attack originated from external sources, specifically hackers linked to Iran [99817, 99978]. The hackers targeted Gilead Sciences Inc, a pharmaceutical company working on developing treatments for COVID-19, indicating that the failure was influenced by factors external to the company's internal systems. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurring due to non-human actions:
The software failure incident reported in the articles is related to a hacking attempt by hackers linked to Iran targeting staff at Gilead Sciences Inc. The hackers used a fake email login page designed to steal passwords, which was sent to a top Gilead executive involved in legal and corporate affairs. This incident was part of an effort by an Iranian group to compromise email accounts of staff at the company using messages that impersonated journalists. The attempt was detected through web archives and cybersecurity researchers tracking Iranian hacking activity [Article 99817, Article 99978].
(b) The software failure incident occurring due to human actions:
The software failure incident involving the hacking attempt on Gilead Sciences Inc was initiated by human actions, specifically by hackers linked to Iran. The hackers actively targeted staff at the company by sending a fake email login page to steal passwords. This indicates a deliberate and targeted effort by individuals to compromise the cybersecurity of the company and gain unauthorized access to sensitive information. The incident highlights the role of human actors in carrying out cyberattacks for various motives, including espionage and gaining a competitive advantage in the pharmaceutical industry [Article 99817, Article 99978]. |
| Dimension (Hardware/Software) |
software |
(a) The articles do not mention any software failure incident occurring due to hardware issues. Therefore, there is no information available regarding a software failure incident caused by contributing factors originating in hardware.
(b) The software failure incident mentioned in the articles is related to a cyberattack by hackers linked to Iran targeting staff at Gilead Sciences Inc. The attack involved sending a fake email login page designed to steal passwords to a top Gilead executive involved in legal and corporate affairs [Article 99817, Article 99978]. This incident is a clear example of a software failure caused by contributing factors originating in software, specifically in the form of a phishing email designed to compromise email accounts. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident in the articles is malicious. Hackers linked to Iran targeted staff at Gilead Sciences Inc by sending a fake email login page designed to steal passwords to a top executive involved in legal and corporate affairs. The attempt was part of an effort by an Iranian group to compromise email accounts of staff at the company using messages that impersonated journalists. The hacking attempts were linked to Iran, and the infrastructure used in the attempt has been previously used in cyberattacks by a group of suspected Iranian hackers known as "Charming Kitten" [Article 99817, Article 99978]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
The software failure incident reported in the articles is related to a hacking attempt by hackers linked to Iran targeting staff at Gilead Sciences Inc. The intent behind this incident can be categorized as follows:
(a) poor_decisions: The incident could be attributed to poor decisions if there were vulnerabilities in the company's cybersecurity measures or if there were lapses in implementing proper security protocols that allowed the hackers to target and attempt to compromise the email accounts of Gilead staff [99817, 99978].
(b) accidental_decisions: The incident could be considered as a result of accidental decisions if there were unintentional gaps in the company's cybersecurity defenses that were exploited by the hackers, leading to the attempted breach of email accounts [99817, 99978]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident related to development incompetence is not mentioned in the provided articles.
(b) The software failure incident was accidental as it was caused by hackers linked to Iran targeting staff at U.S. drugmaker Gilead Sciences Inc in recent weeks. The hackers attempted to compromise email accounts of staff at the company using messages that impersonated journalists, indicating an intentional and malicious act [Article 99817, Article 99978]. |
| Duration |
temporary |
The software failure incident reported in the articles is temporary. This incident was a result of a targeted hacking attempt by hackers linked to Iran on staff at Gilead Sciences Inc, a U.S. drugmaker, in recent weeks [Article 99817, Article 99978]. The hackers attempted to compromise email accounts of staff at the company using fake email login pages designed to steal passwords. The attack was part of an effort by an Iranian group to gather intelligence on COVID-19, the disease caused by the novel coronavirus, and gain an advantage in developing treatments [Article 99817, Article 99978]. The incident was specific to the targeted hacking attempts and not a permanent failure affecting the entire software system. |
| Behaviour |
omission, byzantine, other |
(a) crash: The articles do not mention any software crash incidents.
(b) omission: The incident involves a fake email login page designed to steal passwords being sent to a top Gilead executive, indicating an omission in the system's security measures that allowed the malicious email to reach the recipient [Article 99817, Article 99978].
(c) timing: There is no indication of a timing-related failure in the system.
(d) value: The incident involves an attempt by Iranian hackers to compromise email accounts of Gilead staff, which could lead to the system performing its intended functions incorrectly if successful [Article 99817, Article 99978].
(e) byzantine: The incident involves hackers linked to Iran targeting Gilead staff, which can be considered a byzantine behavior as the attackers are engaging in deceptive and inconsistent interactions with the system [Article 99817, Article 99978].
(f) other: The incident also highlights a broader issue of cyber spies focusing their intelligence-gathering efforts on COVID-19-related information, which could lead to various other types of software failures such as data breaches, unauthorized access, or espionage [Article 99817, Article 99978]. |