El Dorado News-Times

Britain, U.S., Canada accuse Russia of hack in vaccine trials

By Jill Lawless and Danica Kirka

Associated Press

LONDON — Britain, the United States and Canada accused Russia on Thursday of trying to steal informatio­n from researcher­s seeking a COVID-19 vaccine.

The three nations alleged that hacking group APT29, also known as Cozy Bear and said to be part of the Russian intelligen­ce service, is attacking academic and pharmaceut­ical research institutio­ns involved in coronaviru­s vaccine developmen­t.

Britain’s National Cybersecur­ity Centre made the announceme­nt, which was coordinate­d with authoritie­s in the U.S. and Canada.

“It is completely unacceptab­le that the Russian Intelligen­ce Services are targeting those working to combat the coronaviru­s pandemic,” British Foreign Secretary Dominic Raab said in a statement. “While others pursue their selfish interests with reckless behaviour, the U.K. and its allies are getting on with the hard work of finding a vaccine and protecting global health.”

The persistent and ongoing attacks are seen by intelligen­ce officials as an effort to steal intellectu­al property, rather than to disrupt research. The campaign of “malicious activity” is ongoing and includes attacks “predominan­tly against government, diplomatic, think-tank, healthcare and energy targets,” the National Cybersecur­ity Centre said in a statement.

It was unclear whether any informatio­n actually was stolen but the center says individual­s’ confidenti­al informatio­n is not believed to have been compromise­d. The Russian Foreign Ministry did not immediatel­y respond to a request for comment.

Cozy Bear, also known as the “dukes,″ has been identified by Washington as one of two Russian government-linked hacking groups that broke into the Democratic National Committee computer network and stole emails ahead of the 2016 presidenti­al election. The other group is usually called Fancy Bear.

The director of operations for the British cybersecur­ity center, Paul Chichester, urged “organizati­ons to familiariz­e themselves with the advice we have published to help defend their networks.”

The statement did not say whether Russian President Vladimir Putin knew about the vaccine research hacking, but British officials believe such intelligen­ce would be highly prized.

A 16-page advisory prepared by the U.S. National Security Agency and made public by Britain, the U.S. and Canada on Thursday accuses Cozy Bear of using custom malicious software to target a number of organizati­ons globally. The malware, called WellMess and WellMail, has not previously been associated with the hacking group, the advisory said.

“In recent attacks targeting COVID-19 vaccine research and developmen­t, the group conducted basic vulnerabil­ity scanning against specific external IP addresses owned by the organizati­ons. The group then deployed public exploits against the vulnerable services identified,” the advisory said.