The United States, United Kingdom, and Canada have jointly accused Russia of attempting to steal research information from those involved in finding a COVID-19 vaccine. The three countries have alleged that the Russian intelligence service APT29, also called Cozy Bear, has been constantly attacking pharmaceutical institutions in the cyberspace to extract information.
UK’s National Cyber Security Centre (NCSC) made the announcement on Thursday in coordination with leaders in the US and Canada. The 16-page advisory jointly issued by the three countries accuses Cozy Bear of utilizing custom-made malware to target a number of organizations from across the globe. The malicious software, called WellMail and WellMess, were not previously associated with the group. However, there is no clear information as to what exactly was stolen or compromised, although the Centre has claimed that confidential information of personnel and individuals were compromised by the hack.
Previously, Washington has identified Cozy Bear as one of Russia’s state-linked hacking groups which was allegedly involved in the stealing of emails for the Democratic National Committee during the 2016 Presidential election. Another similar group is reportedly called Fancy Bear.
In March, the US Department of Homeland Security had warned that cybercriminals and hacking groups had been targeting coronavirus-related research, noting that the phenomenon of increased tele-networking had opened up new avenues that were easily exploitable by hackers. Targets identified as vulnerable to attacks included pharmaceutical companies, healthcare agencies, medical research centres, academia, and local governments.
British Foreign Secretary Dominic Raab also accused Russia of meddling in his country’s elections. On the alleged COVID-19 hack, he further said, “While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health.” The British position is that the attacks are not being carried out to disrupt research efforts, but are rather attempts to steal intellectual property, and mainly involve hacks against diplomatic, think-tank, energy, and government targets.
The triad identified the Russian group by conducting vulnerability scans against IP addresses linked to the organizations. As expected, the Kremlin has denied these allegations, but British officials are vying for information about whether President Vladimir Putin was aware of the research hack.
In March, an EU report claimed that Russia has been pursuing a “significant disinformation campaign” during the ongoing coronavirus pandemic to aggravate the public health crisis in Western countries. The document states that pro-Kremlin media outlets have aimed to undermine public trust in western healthcare systems, and disseminated fake news online in English, French, Spanish, Italian, and German. These disinformation campaigns spread the erroneous theory that the coronavirus is a biological weapon deployed by China, the US, or the UK. Other conspiracy theories contend that the outbreak was caused by migrants or that it is a hoax.
The US has made similar hacking allegations against Beijing, with FBI officially stating that Chinese companies are working towards compromising American healthcare systems, big pharma, and academic centres that are conducting essential coronavirus research.
On Tuesday, Russia’s defence ministry announced the breakthrough development of a safe COVID-19 vaccine after a bunch of successful clinical trials were carried out on some volunteers. Research for a foolproof vaccine for the highly contagious virus is being carried out by medical professionals and virologists across the world, as the case count crosses 13.7 million, with 589,000 reported deaths across the globe.
Image Source: Techspot
US, UK, and Canada Accuse Russian Hacking Group Cozy Bear of Stealing Coronavirus Research
July 17, 2020
