Russia tried to hack coronavirus vaccine research, US, UK and Canada say
The U.S. National Security Agency agreed with the assessment.
July 16, 2020, 2:55 PM
4 min read
A “cyber espionage group” associated with the Russian intelligence services has attempted to hack into coronavirus vaccine research in the U.S., Britain and Canada, according to a report from the U.K.’s National Cyber Security Center.
“Throughout 2020, APT29 has targeted various organizations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines,” the NCSC report said.
APT29, also known as “the Dukes” or “Cozy Bear,” is one of the Russian Intelligence Service entities identified in the FBI’s assessment of malicious cyber activity in the 2016 presidential election.
“It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic,” Dominic Raab, the U.K.’s foreign secretary, said in response to the advisory. “While others pursue their selfish interests with reckless behavior, the U.K. and its allies are getting on with the hard work of finding a vaccine and protecting global health.”
He added, “The U.K. will continue to counter those conducting such cyber attacks and work with our allies to hold perpetrators to account.”
The NCSC’s advisory lays out indicators of compromise and detection rules for companies involved in vaccine research, and warns that APT29 “is likely to continue to target organizations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic.”
Anne Neuberger, NSA’s cybersecurity director, said the report would help to encourage everyone to “take this threat seriously.”
“The National Security Agency (NSA), along with our partners, remains steadfast in its commitment to protecting national security by collectively issuing this critical cybersecurity advisory as foreign actors continue to take advantage of the ongoing COVID-19 pandemic,” Neuberger said in a statement to ABC News. “APT29 has a long history of targeting governmental, diplomatic, think-tank, healthcare and energy organizations for intelligence gain so we encourage everyone to take this threat seriously and apply the mitigations issued in the advisory.”
In May, the FBI and the Cybersecurity and Infrastructure Security Agency said Chinese-affiliated “cyber actors and nontraditional collectors” were attempting to steal research related to COVID-19 vaccines and treatment.
“The potential theft of this information jeopardizes the delivery of secure, effective and efficient treatment options,” the Department of Homeland Security said in a statement.
“Russia’s efforts to steal information regarding COVID-19 vaccine development is part of an ongoing pattern of behavior by hostile foreign intelligence services to use cyberattacks as a means to gather sensitive information and even conduct covert attacks,” ABC News’ national security contributor John Cohen said. “The growing use of these techniques by countries like Russia, China, North Korea and Iran represent a significant national security threat to the U.S. and other western nations.”
The Kremlin has denied Russian involvement in the hacking of pharmaceutical companies as well as allegations that it interfered in the 2019 U.K. election, Russian news agency RIA Novosti reported.