Hackers from Russian intelligence services target organizations involved in the production of COVID-19 vaccines, according to US, UK, and Canadian authorities.
The United Kingdom's National Cyber Security Center (NCSC) has condemned the attacks in an advisory. The NCSC considers the guilty parties to be APT29, also known as "The Dukes" & "Cozy Bear," an espionage group that it claims is possibly affiliated with Russian intelligence services.
This evaluation is sponsored by a range of partner organizations, including the Canadian Communications Security System , the United States Department of Homeland Security, the Cyber Security & Infrastructure Security Agency (CISA) and the National Security Service.
The NCSC believes the hackers are collecting COVID-19 research, including vaccine development information. We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic, said NCSC director of operations Paul Chichester in a statement.
Dominic Raab, Secretary of the United Kingdom for Foreign Affairs, also spoke out against the actions of the party. It is totally inappropriate that Russian intelligence services threaten those trying to counter the coronavirus pandemic, reads Raab 's comment. While some follow their personal interests with reckless actions, the United Kingdom and its allies are working hard to find a vaccine and protect global health.
Dominic Raab, UK Foreign Secretary, also spoke out against the actions of the party. "It is completely inappropriate that the Russian Intelligence Service is targeting those trying to fight the coronavirus pandemic," Raab says. "While some follow their personal interests with reckless actions, the United Kingdom and its allies are working hard to find a vaccine and protect global health."
"The United Kingdom will continue to fight cyber attacks and collaborate with our allies to keep the perpetrators responsible," Raab said.
"We have always supported academia and the pharmaceutical industry, both public and private sector organisations, and we have made it clear that this research is our top priority at the moment," said the NCSC spokesperson in an email to The Verge.
According to the NCSC report, APT29 uses a range of tools and techniques in its hacking operations.
The group also uses publicly accessible exploits to perform widespread scanning and manipulation against compromised systems, presumably in an attempt to acquire credential for authentication to allow further access, the advisory reads. Hackers are thought to keep a big store of login information.
If APT29 has violated its target organizations, the group will deploy custom malware ... To carry out further operations in the victim's network.
As cases of COVID-19 spread around the world, multiple countries have warned against international cyber attacks on medical research. In May, the FBI and CISA formally accused China of funding and operating hacking efforts to steal new information on coronavirus vaccines from the US and its allies, stating that the potential theft of this information jeopardizes the delivery of safe, effective and effective treatment options.
Earlier this year, the United States and the United Kingdom released a alert about "advanced persistent threat groups" from countries such as China, Iran , North Korea, and Russia targeting health care organisations, pharmaceutical firms, universities, medical research institutions, and local governments.