Russian hackers are targeting organizations developing coronavirus vaccines, according to security officials from the U.K., United States and Canada.
A co-ordinated statement from Britain, the United States and Canada attributed the attacks to group APT29, also known as ‘Cozy Bear’, which they said was almost certainly operating as part of Russian intelligence services.
The U.K.’s National Cyber Security Centre (NCSC) Thursday published details of attacks which it says are being carried out by a group known as APT29, also named “the Dukes” or “Cozy Bear,” that it alleges “almost certainly” operate as part of Russian intelligence services.
“We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic,” said NCSC Director of Operations, Paul Chichester.
The NCSC said in a statement the group’s attacks were ongoing and used a variety of tools and techniques, including spear-phishing and custom malware.
“APT29 is likely to continue to target organisations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic,” the NCSC statement said.
Britain and the United States said in May that networks of hackers were targeting national and international organisations responding to the COVID-19 pandemic. But such attacks have not previously been explicitly connected to the Russian state.
The Russian government-linked group Cozy Bear is widely suspected of hacking the Democratic Party ahead of the 2016 U.S. election
Politico / Reuters