Security officials of the United States, United Kingdom, and Canada said on Thursday, July 16, 2020, that hackers from the Russian Intelligence Services are trying to steal data from researchers working to develop COVID-19 vaccines.
Joint Statement of US, Britain, and Canada
US, UK, and Canada released a joint statement called “Advisory: APT29 targets COVID-19 vaccine development” showing the details of the recent Tactics, Techniques and Procedures (TTPs) of the group “APT29” which is also referred as “the Dukes” or “Cozy Bear”.
What is APT29?
According to the United Kingdom’s National Cyber Security Centre (NCSC) and Canada’s Communications Security Establishment (CSE), APT29 is a cyber espionage group which is almost certainly part of the Russian Intelligence Services which the United States’ National Security Agency (NSA) also agreed with this attribution.
In the statement of Anne Neuberger, Cybersecurity Director for the US National Security Agency, posted in The Washington Post, she encouraged everyone to take the threat seriously because APT29 has a long history of targeting various organizations.
“APT29 has a long history of targeting governmental, diplomatic, think tank, health-care and energy organizations for intelligence gain, so we encourage everyone to take this threat seriously and apply the mitigations issued in the advisory.” Anne Neuberger
“WellMess” and “WellMail” Malware
According to the NCSC report, to target several organizations that are involved with the development COVID-19 vaccine globally, the group APT29 is using custom malware known as “WellMess” and “WellMail”, which have not previously been publicly associated to APT29.
Furthermore, in the NCSC report, it stated that throughout 2020 different organizations developing COVID-19 vaccine in Canada, US, and UK are targeted by APT29 to steal data and the intellectual property connected with COVID-19 vaccines development and testing.
In The Washington Post article, British Foreign Secretary Dominic Raab said that it is completely unacceptable that the Russian intelligence services are targeting those working to combat the coronavirus pandemic.
Security Officials did not confirm whether any of the Russian hackers’ efforts have been successful, The Washington Post stated in their article.
Kremlin Rejects Stealing Allegation
According to the TASS state news agency,Kremlin Spokesman Dmitry Peskov denied the allegation that Russia is trying to steal COVID-19 Vaccine data as it was not backed by proper evidence. Also, they have no information on who could have hacked pharmaceutical companies and research centers in Britain.
In the joint advisory of US, UK, and Canada, they concluded that to answer intelligence questions related to COVID-19, APT29 will continue to target organizations working with COVID-19 vaccine research and development.
Recently, Chief Researcher of the Center for Clinical Research on Medications Elena Smolyarchuk announced that Sechenov First Moscow State Medical University in Russia successfully completed the tests on volunteers of the world’s first vaccine for COVID-19.
Read the full article: