UK National Cyber Security Center (NCSC) accused Russian Intelligence Services of attempted information theft from organizations in the United States, Canada and the United Kingdom, involved in the development of the Covid-19 coronavirus vaccine, through a group of hackers known as APT29, Cozy Bear or dukes.
In one statement, UK cybersecurity officials said “almost certainly” that APT29 operates as part of the Russian Intelligence Services, through a malicious activity campaign to learn about progress in the vaccine to combat Covid-19. According to the NCSC, cyber hackers have attacked organisms using multiple tools and techniques ranging from spear phishing and custom malware that is known to it as “WellMess” and “WellMail”.
“APT29’s campaign of malicious activity is ongoing, predominantly against government, diplomatic, expert, health care and energy targets to steal valuable intellectual property,” they said in a statement. “We condemn these despicable attacks on those who do vital work to combat the coronavirus pandemic,” said NCSC Chief operating officer Paul Chichester.
In his defense, Kremlin spokesman Dmitry Peskov said Russia is not behind the cyberattacks accused by the NCSC, against organizations and experts seeking a vaccine for the Covid-19, according to the state news agency TASS.
“We have no information on who could have hacked pharmaceutical companies and research centers in the UK,” Peskov said. We can say one thing: Russia has nothing to do with these attempts and we do not accept such accusations just as we do not accept another set of unfounded accusations of interference in the 2019 elections.”
The NCSC concluded by warning that APT29 is likely to continue to attack such organizations.
