Russia ‘is trying to steal the coronavirus vaccine’: US, UK and Canada accuse Moscow of punishing wave of ‘despicable’ cyber attacks on companies and universities involved in pivotal research
- Western allies issue a joint statement accusing Russia of cyber attacks
- UK, US and Canada claim that Russia is trying to steal coronavirus vaccine research
- Security chiefs believe the Kremlim has given the green light to hacking group APT29
- Downing Street said the attacks on scientists who do vital work are … despicable. ‘
The UK, US and Canada today accused Russia of attempting to steal coronavirus vaccine research by punishing “despicable” cyber attacks against medical organizations and universities.
The three countries issued a joint statement this afternoon claiming that a hacking group called APT29, also known as Cozy Bear, is engaged in an ongoing campaign of “malicious activity.”
Heads of security believe that the group “almost certainly” operates as part of Russian intelligence services, with officials confident that the Kremlin has given the green light to the activity.
The three countries believe that the purpose of the Russian attacks is to steal intellectual property so that Moscow can develop a coronavirus vaccine first or at least simultaneously with the UK, US and Canada.
Pharmaceutical and academic institutions are believed to be targets of hackers, but the identity of specific targets has not been made public.
The statement is likely to trigger a diplomatic storm and exacerbate already tense relations between the UK and Russia.
The Prime Minister’s official spokesperson said the cyber attacks on scientists are “despicable.”
The NCSC concluded that APT29 “almost certainly operates as part of Russian Intelligence Services”. Russian President Vladimir Putin is depicted in Moscow on July 16
The Prime Minister’s official spokesman said, “The attacks that are taking place against scientists and others who are doing vital work to fight the coronavirus are despicable.
“In collaboration with our allies, we will call on those who want to harm us in cyber space and hold them to account.”
The National Cyber Security Center (NCSC) today detailed the activity of the APT29 group.
The NCSC concluded that APT29 “almost certainly operates as part of Russian Intelligence Services”.
The organization’s assessment is supported by the United States Department of Homeland Security, the Cybersecurity Infrastructure Security Agency and the National Security Agency, as well as the Canadian Communication Security Establishment.
The NCSC said that APT29’s “campaign of malicious activity is ongoing” and that it is “predominantly against government, diplomatic, think tank, health and energy goals to steal valuable intellectual property.”
NCSC Operations Director Paul Chichester said: “We condemn these despicable attacks on those who are doing vital work to fight the corona virus pandemic.
“Working with our allies, the NCSC is committed to protecting our most critical assets, and our top priority right now is to protect the health sector.
“We want to encourage organizations to familiarize themselves with the advice we have published to help defend their networks.”
The NCSC has previously warned that APT groups, which stands for Advanced Persistent Threat, target organizations involved in both national and international COVID-19 responses.
The body said APT29’s known targets included British, American and Canadian vaccine research and development organizations.
Secretary of State Dominic Raab said the UK will work with its allies to “hold perpetrators to account” for wanting to end cyber attacks.
He said, “It is completely unacceptable for Russian intelligence services to target those working to fight the corona virus pandemic.
While others pursue their selfish interests with reckless behavior, the UK and its allies continue the hard work of finding a vaccine and protecting global health.
“The UK will continue to fight those who carry out such cyber-attacks and work with our allies to hold perpetrators to account.”
The NCSC was established in 2016 to strengthen UK cybersecurity systems and is part of GCHQ. It is the UK’s foremost technical authority in the field of cyber security.