The U.K.’s National Cybersecurity Centre issued the joint advisory, which was also shared by the U.S. National Security Agency and Cybersecurity and Infrastructure Security Agency (CISA), as well as Canada’s Communications Security Establishment.
“It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic,” U.K Foreign Minister Dominic Raab said in a statement. “While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health.”
The agencies warned that the group known as APT29 — also referred to as “the Dukes” or “Cozy Bear” — was behind the attacks. It was not immediately clear if the group was successful in obtaining any data.
“Throughout 2020, APT29 has targeted various organisations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines,” the advisory said.
The hacker group used malware known as “WellMess” and “WellMail” to target organizations around the world, the agencies said. Their report detailed APT29’s tactics and shared ways to identify whether data had been compromised.
NSA Cybersecurity Director Anne Neuberger said that the group “has a long history of targeting governmental, diplomatic, think-tank, healthcare and energy organizations for intelligence gain.”
“[W]e encourage everyone to take this threat seriously and apply the mitigations issued in the advisory,” Neuberger said in a statement.
Several of the leading vaccine candidates are being developed by researchers in the U.S., the U.K. and Canada, with all three governments pouring billions of dollars into institutions and drugmakers to boost testing and production. One of the most promising candidates, developed by the National Institutes of Health and the drug company Moderna, is set to begin a key final round of testing later this month. U.S. health officials have said they hope to have 300 millions doses of a successful vaccine available by the end of the year.
U.S. authorities have previously accused cyber actors linked to the Chinese government of similar efforts. The FBI and CISA said in May that Chinese hackers were “attempting to identify and illicitly obtain valuable intellectual property (IP) and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research.”
Send your news and stories to us email@example.com or firstname.lastname@example.org and WhatsApp: +447747873668.
Before you go...
Democratic norms are being stress-tested all over the world, and the past few years have thrown up all kinds of questions we didn't know needed clarifying – how long is too long for a parliamentary prorogation? How far should politicians be allowed to intervene in court cases? To monitor these issues as closely as we have in the past we need your support, so please consider donating to The Climax News Room.