Russian hackers are reportedly trying to steal coronavirus vaccine research from the the US, UK
The infamous Cozy Bear strikes againBy Adrian Potoroaca 29 comments
Why it matters: According to the World Health Organization, there are over 160 different coronavirus vaccines in various stages of development around the world. Amid rising concerns over the availability of these vaccines, some countries like Russia and China are reportedly using cyberattacks on key institutions in other countries to gain access to research data.
US, Canada and UK government officials are blaming a group of state-backed hackers for an ongoing campaign that is targeted at universities, diplomatic agencies, and international health organizations.
According to the UK's National Cyber Security Centre (NCSC), the attackers seem focused on getting information related to the development of vaccines for the novel coronavirus. All signs point to the infamous APT29 hacking group – also known as Cozy Bear – that has been linked to Russian intelligence agencies.
The US National Security Agency and the Canadian Communications Security Establishment agree with NCSC's assessment, and confirmed that Cozy Bear has been trying to steal intellectual property using "a variety of tools and techniques," from simple port scanning and spear-phishing to deploying custom malware known as WellMess for data extraction.
The UK publicly condemned the Russian Intelligence Services for the attacks, noting that "while others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health."
Russia isn't the only country that's being frowned upon. Back in May, the FBI alongside the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) made similar accusations towards China, who is said to have funded hacking cells to conduct espionage on the coronavirus vaccine efforts of the US and its allies.