Russian hackers are targeting organizations trying to develop a vaccine against the coronavirus, a group of national security services has warned.
The National Cyber Security Center (NCSC) in the United Kingdom has said that hackers “almost certainly” operate as “part of the Russian intelligence services”.
He said the group had used malware to try to steal information about the development of the Covid-19 vaccine.
NCSC director of operations Paul Chichester said it was “despicable.”
The warning was issued by a group of security services:
- the British NCSC
- the Canadian Center for Communication Security (CSE)
- the United States Department of Homeland Security (DHS) Cyber-security Infrastructure Security Agency (CISA)
- et la US National Security Agency (NSA)
The hackers are part of a group called APT29, also known as “The Dukes” or “Cozy Bear”.
They exploited software vulnerabilities to gain access to vulnerable computer systems and used malware called WellMess and WellMail to download and download files from infected machines.
They also lured individuals into submitting login information using phishing attacks.
- Phishing e-mails are designed to encourage the recipient to provide their personal information
- Phishing is a form of targeted and personalized attack, designed to deceive a specific individual. Often the email appears to come from a trusted contact and may include personal information to make the message more convincing
“Throughout 2020, APT29 has targeted various organizations involved in the development of Covid-19 vaccines in Canada, the United States and the United Kingdom, most likely with the intention of stealing related information and intellectual property to the development and testing of Covid-19 vaccines, “said the report.
He did not specify which organizations were targeted or whether information had been stolen.