A notice published by the National Cyber Security Center (NCSC) in the United Kingdom details the activities of the Russian hacking group and explicitly calls for targeting American, British and Canadian vaccine research and development organizations.
“The APT29 malicious activity campaign continues, primarily against government, diplomats, think tanks, healthcare and energy targets to steal valuable intellectual property,” said a press release.
Cozy Bear is one of two hacking groups linked to the Russian intelligence services which would have accessed the internal systems of the National Democratic Committee before the 2016 American elections, but Thursday’s announcement is the first time that this group is appointed in relationship with cyberattacks related to the coronavirus pandemic.
US, UK and Canadian authorities have issued several warnings about state-supported cyber attacks against organizations involved in the response to the coronavirus in recent months.
div>In April, CNN also reported a growing wave of cyber attacks against U.S. government agencies and medical institutions leading the pandemic response from nation states and criminal groups.
Hospitals, research labs, healthcare providers and pharmaceutical companies have all been affected, officials said at the time.
The Department of Health and Human Services – which oversees the Centers for Disease Control and Prevention – was also hit by a wave of daily strikes, an official with direct knowledge of the attacks told CNN, adding that Russia and the China was the main culprit.
“The National Security Agency (NSA), as well as our partners, remains faithful to its commitment to protect national security by collectively issuing this critical opinion on cybersecurity while foreign players continue to take advantage of the COVID pandemic- 19 underway, “said NSA Cybersecurity director Anne Neuberger said in a statement Thursday.
“APT29 has a long history of targeting government, diplomatic, think tank, health care and energy organizations for information. We therefore encourage everyone to take this threat seriously and to apply the mitigations set out in the opinion, “she said.
The NCSC, which is the UK’s main cybersecurity technical authority and part of the UK Government’s communications headquarters (GCHQ), said that the APT29 “would almost certainly work in the context of services Intelligence Service “.
div class=”el__embedded el__embedded–standard”>