Russian state-sponsored hackers are targeting organisations pertaining to coronavirus vaccine development.
Russian state-sponsored hackers are targeting organisations pertaining to coronavirus vaccine development.
The hackers are “almost certainly” part of Russian intelligence services group called APT29, also known as “the Dukes” or “Cozy Bear”.
The Russian hackers have been targeting British, Canadian and American organisations to access information about medical supply chains,
The warning was published by an international group of security services:
- the UK’s NCSC
- the Canadian Communication Security Establishment (CSE)
- the United States Department for Homeland Security (DHS) Cyber-security Infrastructure Security Agency (CISA)
- the US National Security Agency (NSA)
APT29 employs a variety of tools and techniques including phishing emails and deploy custom families of malware known as “WellMess” and “WellMail”, which can issue commands on infected machines -against organisations involved in vaccine development. It is well known as the offender of several high profile International cyber-attacks including attacks on the US Democratic Party during 2016 elections.
There is still no indication to suggest that the attacks had been successful in their goal of stealing medical secrets. However, the authorities claim that none of the vaccine research had been compromised as a result. The attacks have created a widespread International warning on the attacks taking place against vaccine researchers.
“While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health. The UK will continue to counter those conducting such cyber attacks, and work with our allies to hold perpetrators to account, ” said Dominic Raab, UK’s Foreign Secretary.
“COVID-19 is an existential threat to every government in the world, so it's no surprise that cyber-espionage capabilities are being used to gather intelligence on a cure, ” said John Hultquist, senior director of intelligence analysis at Mandiant Threat Intelligence.
Paul Chichester said that " we would urge organisations to familiarise themselves with the advice we have published to help defend their networks.”
The Foreign Secretary has issued a statement regarding this advisory.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: “BlueLeaks” Exposes Data of 200 US police Departments and Exposed Online