Russian cyber hackers are targeting organizations involved in the development of the coronavirus vaccine, security officials in the United States, the United Kingdom and Canada said Thursday.
The British National Cyber Security Center (NCSC) released a notice detailing the activity of the threat group known as APT29, which “has exploited organizations worldwide.”
The NCSC evaluated that APT29, also called “the Dukes” or “Welcoming Bear”, almost certainly operate as part of the Russian Intelligence Services. The assessment is supported by partners from the Canadian Communication Security Establishment (CSE), the US Department of Homeland Security (DHS), the Cybersecurity Infrastructure Security Agency (CISA) and the National Security Agency ( NSA).
CORONAVIRUS VACCINE TEST: FIRST TEST ON YIELD ANTIBODIES IN PATIENTS IN THE UNITED STATES, RESEARCHERS SAY
“It is completely unacceptable for the Russian intelligence services to target those working to combat the coronavirus pandemic,” said UK Foreign Secretary Dominic Raab in a statement. “While others pursue their selfish interests with reckless behavior, the UK and its allies continue the hard work of finding a vaccine and protecting global health.”
The NCSC made the announcement in a press release, stating that “APT29’s campaign of malicious activity is ongoing, predominantly against government, diplomatic, think tank, health care and energy targets to steal valuable intellectual property.”
“We condemn these despicable attacks on those who do vital work to combat the coronavirus pandemic,” said Paul Chichester, director of operations for NCSC, in a statement. “By working with our allies, the NCSC is committed to protecting our most critical assets, and our top priority right now is to protect the health sector.”
Chichester also urged “organizations to familiarize themselves with the tips we have posted to help defend their networks.”
THE CHINESE STATE DRUG COMPANY USED WORKERS AS GUINEA PIGS TO TEST THE CORONAVIRUS VACCINE: REPORT
The NCSC said they are more than 95 percent sure that APT29 is part of the Russian Intelligence Services. He also assessed that it is highly likely, between 80 and 90 percent, that this activity was to collect information on the research of the COVID-19 vaccine or the research of the COVID-19 virus.
Persistent and ongoing attacks are viewed by intelligence officials as an effort to steal intellectual property, rather than interrupt the investigation. It was unclear if any information was stolen, but the British center says that the people’s confidential information is not believed to have been compromised.
Cozy Bear, also known as “the Dukes,” has been identified by Washington as one of two Russian government-linked piracy groups that broke into the Democratic National Committee’s computer network and stole emails ahead of the 2016 presidential election. The other group is generally called Fancy Bear.
The NCSC previously warned that APT groups, which pose advanced persistent threats, have targeted organizations involved in both national and international COVID-19 responses. He said APT29’s known targets include British, American and Canadian vaccine research and development organizations. Authorities say the group uses a variety of tools and techniques, including spear phishing and custom malware known as “WellMess” and “WellMail”.
The statement did not say whether Russian President Vladimir Putin knew about vaccine research piracy, but British officials believe such intelligence would be highly appreciated.
CLICK HERE TO GET THE FOX NEWS APP
The US authorities have made similar charges against China for months. FBI Director Chris Wray said last week: “Right now, China is working to engage American health care organizations, pharmaceutical companies, and academic institutions that conduct essential research on COVID-19.”
Associated Press contributed to this report.
