The attacks are suspected of being linked to the Russian intelligence services group APT29
Hackers linked to Russian intelligence are trying to steal data on vaccines and drugs for COVID-19 from academic and pharmaceutical institutions around the world, the British National Cyber Security Center (NCSC) said Thursday..
According to a joint statement from the United Kingdom, the United States and Canada, the attacks are believed to be behind the hacker group APT29, also known as Cozy Bear. Allegedly, the group almost certainly acted as part of the Russian special services..
“We condemn these outrageous attacks on those doing vital work to combat the coronavirus pandemic,” said NCSC Chief of Operations Paul Chichester..
British Foreign Secretary Dominic Raab calls attacks on pandemic research “completely unacceptable”.
“While others recklessly pursue their selfish interests, the UK and its allies continue the challenging job of finding a vaccine and global health,” Raab said, adding that the UK will work together with allies to bring those responsible to justice..
The attacks continue to this day and are carried out using a variety of tools and techniques, such as phishing and malware, according to NCSC..
“APT29 is likely to continue to target organizations involved in research and development of vaccines against COVID-19 as they try to answer additional intelligence questions regarding the pandemic,” NCSC said in a statement..
U.S. Homeland Security Agency Provides Cybersecurity Advisory Following Identified Attacks.
“The NSA, like our partners, remains committed to protecting national security and we are collectively publishing these important cybersecurity guidelines as foreign actors continue to take advantage of the ongoing COVID-19 pandemic,” said NSA director of affairs Cybersecurity Ann Neuberger. “APT29 has attacked government, diplomatic, analytical, medical and energy organizations multiple times in the past for intelligence, so we urge everyone to take this threat seriously and take the recommended containment measures.”.
Canadian authorities said the attacks are hampering the fight against the pandemic and are increasing risks to healthcare organizations. Canadian Center for Signal Intelligence and Cyber Threat Detection Advises Agencies to Take Protective Measures.
In May, the United Kingdom and the United States already reported that hacker groups are attacking international organizations responsible for combating the COVID-19 pandemic. However, such attacks have not previously been linked directly to the Russian state..
I will follow