Russian hacking group indicted for attempt to steal COVID-19 vaccine research

Hacking group APT29 (“the Dukes” or “Cozy Bear”) reportedly targeting healthcare firms in US, UK, Canada, using malware and spear-phishing attacks

Alexander Davis | ConsumerConnect

A Russian hacking group is apparently targeting organisations carrying out research on a COVID-19 vaccine, according to intelligence agencies from the United States (US), United Kingdom (UK) and Canada.

ConsumerConnect learnt that security officials at the UK National Cyber Security Centre (NCSC), in an advisory published Thursday, July 16, 2020, warned that a hacking group called APT29 (also called “the Dukes” or “Cozy Bear”) is targeting healthcare organisations in the three countries.

The report indicates the group is using malware and spear-phishing attacks to try to steal Coronavirus vaccine research.

Officials didn’t say how much vaccine information the Russian group has stolen or how the group’s actions have impacted research efforts.

A statement on the advisory said: “APT29’s campaign of malicious activity is ongoing, predominantly against government, diplomatic, think tank, healthcare and energy targets to steal valuable intellectual property.”

Anne Neuberger, National Security Agency’s Cybersecurity Director, stated that “APT29 has a long history of targeting governmental, diplomatic, think-tank, healthcare and energy organisations for intelligence gain, so we encourage everyone to take this threat seriously.”

Dominic Raab, UK’s Foreign Secretary, in a statement said it’s “completely unacceptable that the Russian Intelligence Services are targeting those working to combat the Coronavirus pandemic.

“While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health.”

The U.K. will “continue to counter those conducting such cyber-attacks”, adding that the NSA remains “steadfast in its commitment to protecting national security by collectively issuing this critical cybersecurity advisory as foreign actors continue to take advantage of the ongoing COVID-19 pandemic.”

Meanwhile, global tech giant Twitter has suspended two accounts linked to Russian intelligence.

The accounts were allegedly used by Russian intelligence officers to spread information stolen from Democrats’ computers and emails during the 2016 election, the report said.

The accounts are believed to have been used to bolster Donald Trump’s 2016 presidential campaign and damage Democratic nominee Hillary Clinton’s.

According to the indictment, the hackers went after the Democratic National Committee, Hillary Clinton’s campaign, and the Democratic Congressional Campaign Committee.

A Twitter spokesperson told the New York Daily News that the accounts were suspended for “being connected to a network of accounts previously suspended for operating in violation of our rules.”
