UK calls out Russia for ‘despicable’ cyberattacks on vaccine efforts
NCSC joins up with counterparts from US and Canada to attribute phishing and malware assaults to Kremlin-linked entities
The Kremlin in Moscow Credit: Pixabay
Britain has accused Kremlin-backed cybercriminals of launching “despicable” attacks on a string of organisations involved in coronavirus vaccine development.
Downing Street said the UK would “call out those who seek to do us harm” after Britain, Canada and the United States pointed the finger at Moscow for attacks on institutions working on research into Covid-19.
The claims came in a joint release from the UK’s National Cyber Security Centre (NCSC), the Canadian Communication Security Establishment, and the United States’ Department for Homeland Security, Cybersecurity Infrastructure Security Agency and National Security Agency.
The security agencies say that an organisation they dub APT29 — also known “the Dukes” or “Cozy Bear” — “almost certainly operate as part of Russian Intelligence Services”, with attacks aimed at a host of institutions involved in work on a coronavirus vaccine.
The group was linked to the 2016 attack on the Democratic National Committee ahead of Donald Trump’s election as US president in 2016.
The NCSC’s director of operations, Paul Chichester, said: “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic. Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector. We would urge organisations to familiarise themselves with the advice we have published to help defend their networks.”
The organisations accuse the group of using a string of techniques including spear-phishing — tricking people into sharing sensitive information — and custom malware to target UK, US and Canadian vaccine research and development organisations.
A Downing Street spokesperson said: “The attacks which are taking place against scientists and others doing vital work to combat coronavirus are despicable. Working with our allies, we will call out those who seek to do us harm in cyber space and hold them to account.”
While the release does not name specific organisations that have been targeted, it is understood that UK authorities are working with vaccine researchers at the University of Oxford and Imperial College London to make them aware of the threat.
The attackers are accused of trying to access and steal information about vaccine research and supply chains rather than directly disrupt their work.
While relatively few in number, the attacks are said to be ongoing and highly targeted, taking place over the past five months as the world grappled with the Covid-19 pandemic.
Foreign Secretary Dominic Raab said it was "completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic".
He added: “While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health. The UK will continue to counter those conducting such cyberattacks, and work with our allies to hold perpetrators to account.”
Newly created organisation aims to improve national resilience
Email addresses and info about eligibility for payments accidentally revealed
Three-year deal awarded to Pegasystems
Revenue spiked 7% to £8.9bn, DCMS study reveals
OneTrust presents the reasons why your organisation should invest in privacy management - and offers three easy tips for getting started
The remote-first world has seen email being relied on more than ever as a core communication mechanism - but with 93% of IT leaders acknowledging a risk to sensitive data, what steps should be...
Jointly, Equinix and Cintra enable organisations with mission-critical Oracle workloads to accelerate their journey to cloud, while minimising transition risks - here's how
Phishing emails are one of the most pernicious threats facing organisations today. If you’ve been leveraging Microsoft 365 and Azure to keep your users productive whilst working remotely, Six...