Hackers associated with Russian intelligence services are trying to steal information from researchers involved in coronavirus vaccine development, according to a joint advisory by U.K., U.S. and Canadian authorities published Thursday.
The big picture: This isn't the first time a foreign adversary has been accused of attempting to steal COVID-19-related research. U.S. officials in May announced an uptick in Chinese-government affiliated hackers targeting medical research and other facilities in the United States for data on a potential cure or effective treatments to combat the virus.
- Additionally, “more than a dozen countries have redeployed military and intelligence hackers to glean whatever they can about other nations’ virus responses,” reports the New York Times.
- According to a recent FBI bulletin, “nation-state cyber actors are targeting COVID-19-related research as many foreign governments seek to accelerate their own R&D processes and clinical trials.”
What's happening: Officials accused a group called APT29 — also known as “the Dukes” or “Cozy Bear” — of targeting organizations involved in vaccine research for cyber attacks. The group "almost certainly operate as part of Russian intelligence services," officials wrote.
How it works: The assessment suggests Russia's primary goal is to steal intellectual property, rather than to disrupt research.
- The "campaign of malicious activity" is ongoing and has targeted government and diplomatic agencies, along with think-tanks and healthcare and energy companies.
- The group uses a variety of techniques, including spear-phishing and custom malware known as “WellMess” and “WellMail”.
- The assessment, published by the U.K.'s National Cyber Security Centre, was supported by the U.S. Department of Homeland, Cybersecurity Infrastructure Security Agency, National Security Agency and Canada's Communication Security Establishment.
What they're saying: "While others pursue their selfish interests with reckless behaviour, the U.K. and its allies are getting on with the hard work of finding a vaccine and protecting global health," U.K. Foreign Minister Dominic Raab said in a news release.
- "The UK will continue to counter those conducting such cyber attacks, and work with our allies to hold perpetrators to account."
Go deeper: Inside hackers' pivot to medical espionage