Russian state intelligence is hacking international research centers that are racing to develop a Covid-19 vaccine, the U.K., U.S. and Canadian governments said.
It is unclear whether research facilities have been damaged or if the vaccine programs have been set back as a result of the hacks but officials warned that the cyber attacks are ongoing.
In a dramatic statement on Thursday, Britain’s National Cyber Security Centre (NCSC) said vaccine and therapeutic sectors in multiple countries have been targeted by a group known as APT29, which it said is “almost certainly” part of Russian state intelligence. Security agencies in the U.S. and Canada later issued their own statements backing up the findings.
“It is completely unacceptable that the Russian intelligence services are targeting those working to combat the coronavirus pandemic,” British Foreign Secretary Dominic Raab said. “While others pursue their selfish interests with reckless behavior, the U.K. and its allies are getting on with the hard work of finding a vaccine and protecting global health.”
The intelligence bombshell came at a delicate time in geopolitics with a combative U.S. election looming in November and the pandemic plunging the world economy into recession. Coronavirus has launched a global race for a vaccine, in which researchers in the U.K. have made progress recently.
Back in Moscow, President Vladimir Putin’s popularity is a record low and the Russian leader has taken steps to ensure he can remain in power until 2036. Russia has repeatedly dismissed claims it meddles in elections despite repeated allegations of interference.
Cozy Bear
Russia denied any involvement in hacking coronavirus vaccine research. “We don’t know who may have hacked pharmaceutical companies and research centers. We can only say Russia has nothing to do with these attempts,” Kremlin spokesman Dmitry Peskov told Bloomberg.
The NCSC said APT29, which also goes by the name of Cozy Bear or The Dukes, has targeted U.K., U.S. and Canadian vaccine research and development organizations. The campaign of malicious activity is ongoing, predominantly against government, diplomatic, think-tank, healthcare and energy targets to steal valuable intellectual property, it said.
Researchers have long linked APT29 to Russian intelligence agencies. For more than a decade, the group has carried out hacking campaigns that have targeted dozens of governments, research institutes, and corporations around the world, according to an analysis published in March by cybersecurity firm Carbon Black.
In 2016, US cybersecurity firm Crowdstrike linked APT29 to hack of the Democratic National Committee. The Russian hackers penetrated the DNC’s servers in the summer of 2015, and maintained access to the organization’s data for about a year, according to Crowdstrike researchers.