The US, UK and Canada have all accused Russia of hacking researchers who are seeking a COVID-19 vaccine.
On Thursday, APT29, also known as Cozy Bear, were subject to allegations from the three NATO allies. It has been alleged that they have been attacking academic and pharmaceutical research institutions involved in coronavirus vaccine development. Cozy Bear are also said to be part of the Russian intelligence service, as reported by Al Jazeera.
“It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic,” Foreign Secretary from Britain’s National Cyber Security Centre, Dominic Raab, said in a statement. “While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health.”
However, the statement from the United States’ National Cyber Security Centre says that the hacking was directed at stealing intellectual property, rather than disrupting the processes, though it remains unclear whether they were attacking individual privacy rights.
“The persistent and continuing attacks are seen by intelligence officials as an effort to steal intellectual property, rather than to disrupt research. The campaign of “malicious activity” is ongoing and includes attacks “predominantly against government, diplomatic, think-tank, healthcare and energy targets,” said a statement.
However, Russia has denied any involvement in the cyber attack.
“We have no information on who could have hacked pharmaceutical companies and research centres in Britain,” Kremlin spokesman Dmitry Peskov told the TASS news agency. “We can only say this: Russia has nothing to do with these attempts.”
There is also no suggestion from any of the statements whether Russian President, Vladimir Putin had any knowledge of the hacking.
A 16-page advisory released by Britain says that the alleged hacking involved using malware, called WellMess and WellMail, which has not previously been associated with the Russian group in any previous hacking efforts.
“In recent attacks targeting COVID-19 vaccine research and development, the group conducted basic vulnerability scanning against specific external IP addresses owned by the organisations. The group then deployed public exploits against the vulnerable services identified,” the advisory said.
US officials, including FBI director, Chris Wray have also made similar accusations against China, who he accuses of “working to compromise American healthcare organisations, pharmaceutical companies and academic institutions conducting essential COVID-19 research.”