- According to the UK’s National Cyber Security Centre, state-backed Russian hackers are attempting to steal novel coronavirus vaccine research from hospitals, labs, and other organizations.
- Security agencies in the US and Canada back up the NCSC’s report, which claims that Russian hacking group APT29 is behind the cyberattacks.
- The NCSC advises any organizations doing work on COVID-19 vaccines or treatments to keep their software updated, use anti-virus tools, and turn on two-factor authentication everywhere.
According to the UK’s National Cyber Security Centre, hackers backed by the Russian government are attempting to steal novel coronavirus vaccine research from hospitals, laboratories, and other organizations. The NCSC says that the hacking group APT29, which also goes by “Cozy Bear” and “the Dukes,” is behind the cyberattack.
In an advisory published on Thursday, the NCSC announced that Canada’s Communications Security Establishment (CSE) as well as the National Security Agency (NSA) and Department for Homeland Security (DHS) in the US agree with the UK’s assessment. The hackers are said to be using a variety of techniques to hit targets all over the world, including spear-fishing and custom malware known as “WellMess” and “WellMail.”
The advisory also reveals that APT29 has been targeting organizations involved in COVID-19 vaccine development since the earliest stages of the pandemic in Canada, Britain, and America, “highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines.” NCSC Director of Operations, Paul Chichester, shared his thoughts on the matter on Thursday as well:
We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic. Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector. We would urge organisations to familiarise themselves with the advice we have published to help defend their networks.
That advice includes a number of potential mitigation efforts that organizations at risk can employ, from using anti-virus software to using two-factor authentication to warning employees about phishing attacks to simply keeping all of their software up to date. As if we needed any more evidence that we’re all vulnerable to cyberattacks, we all watched the Twitter accounts of Barack Obama, Elon Musk, Kanye West, and more be taken over by hackers on Wednesday night. One of the biggest communication platforms on the planet was co-opted by a Bitcoin scammer.
The good news is that vaccine development continues apace, as Pfizer announced just days ago that its candidate is producing antibodies in study participants similar to those found in patients who have recovered from COVID-19. One of the participants even spoke about being in the trial. There are over 100 vaccines in various stages of development, and top health experts expect one to be ready for public consumption by early 2021.