Advertising

Russian hackers targeting Covid-19 researchers, UK security agency warns

UK News | Published:

NCSC director of operations Paul Chichester condemned the ‘despicable attacks’.

Hackers linked to the Russian intelligence agencies are targeting British scientists seeking to develop a coronavirus vaccine, the National Cyber Security Centre (NCSC) has warned.

In a joint statement with the US National Security Agency and the Canadian Communication Security Establishment, the NCSC said the attacks were part of a global campaign by the group known as APT29 to steal the secrets of vaccine research.

NCSC director of operations Paul Chichester said: “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic.

“We would urge organisations to familiarise themselves with the advice we have published to help defend their networks.”

The UK is home to two of the leading research programmes to develop a vaccine based at Oxford University and Imperial College London.

The NCSC said that, together with the US and the Canadians, it had assessed that APT29 – also known as the Dukes or Cozy Bear – was “almost certainly” operating as part of the Russian intelligence services.

Advertising

It said the group’s campaign of “malicious activity” was aimed predominantly at government, diplomatic, think-tank, healthcare and energy targets in an attempt to steal valuable intellectual property.

The NCSC has previously warned that APT (standing for advanced persistent threat) groups have been targeting organisations involved in both national and international Covid-19 research.

APT29 is said to use a variety of tools and techniques, including spear-phishing and custom malware known as “WellMess” and “WellMail”.

Foreign Secretary, Dominic Raab, said: “It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic.

Advertising

Coronavirus
Dominic Raab said Russian cyber attacks are ‘completely unacceptable’ (Stefan Rousseau/PA)

“The UK will continue to counter those conducting such cyber attacks, and work with our allies to hold perpetrators to account.”

APT29 has been operating for a number of years but this is the first time the NCSC – which operates under the auspices of the GCHQ spy agency – has publicly linked it to Russian intelligence

The group was previously implicated in attacks on the Democratic Party during the 2016 US presidential elections and its activities are said to be known at the “highest level” of the Russian state.

Since the start of the Covid-19 pandemic it is said to have been targeting research into vaccines and therapeutics in multiple countries, focusing particularly on pharmaceutical and academic institutions.

It is said to specialise in exploiting known vulnerabilities in software and then rapidly “weaponising” them.

Sorry, we are not accepting comments on this article.

Advertising

Top Stories

Advertising

More from the Guernsey Press

UK & International News