Britain, United States, Canada accuse Russia of hacking virus vaccine trials. Notorious Russian hackers ‘Cozy Bear’ alleged to be responsible
Britain, the United States, and Canada accused Russia of trying to steal information from researchers seeking a COVID-19 vaccine. Britain’s National Cybersecurity Centre (NCSC) said Thursday that hackers backed by the Russian state are trying to steal COVID-19 vaccine and treatment research from academic and pharmaceutical institutions around the world.
The three nations alleged that hacking group APT29, also known as ‘Cozy Bear,’ which they said was almost certainly operating as part of Russian intelligence services, is attacking academic and pharmaceutical research institutions involved in coronavirus vaccine development.
“It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic,” Foreign Secretary Dominic Raab said in a statement. “While others pursue their selfish interests with reckless behaviour, the U.K. and its allies are getting on with the hard work of finding a vaccine and protecting global health.”
Cozy Bear, classified as advanced persistent threat APT29, is a Russian hacker group believed to be associated with Russian intelligence. Cybersecurity firm CrowdStrike also previously suggested that it may be associated with either the Russian Federal Security Service (FSB) or SVR. The group was given other nicknames by other cybersecurity firms, including Office Monkeys, CozyCar, The Dukes (by Volexity), and CozyDuke (by F-Secure).
“We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic,” said NCSC Director of Operations, Paul Chichester. British foreign minister Dominic Raab said it was “completely unacceptable” for Russian intelligence services to target work on the pandemic.
“While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health,” he said in a statement. He said Britain would work with allies to hold perpetrators to account.
The NCSC added the group’s attacks were ongoing and used a variety of tools and techniques, including spear-phishing and custom malware.
Cozy Bear, also known as the “dukes,″ has been identified by the United States as one of two Russian government-linked hacking groups that broke into the Democratic National Committee computer network and stole emails ahead of the 2016 presidential election. The other group is usually called Fancy Bear.
For months, the U.S. authorities have leveled accusations against China for trying to steal U.S. intellectual properties. FBI Director Chris Wray said last week, “At this very moment, China is working to compromise American health care organizations, pharmaceutical companies, and academic institutions conducting essential COVID-19 research.”