UK calls out Russia for ‘despicable’ cyberattacks on vaccine efforts
NCSC joins up with counterparts from US and Canada to attribute phishing and malware assaults to Kremlin-linked entities
The Kremlin in Moscow Credit: Pixabay
Britain has accused Kremlin-backed cybercriminals of launching “despicable” attacks on a string of organisations involved in coronavirus vaccine development.
Downing Street said the UK would “call out those who seek to do us harm” after Britain, Canada and the United States pointed the finger at Moscow for attacks on institutions working on research into Covid-19.
The claims came in a joint release from the UK’s National Cyber Security Centre (NCSC), the Canadian Communication Security Establishment, and the United States’ Department for Homeland Security, Cybersecurity Infrastructure Security Agency and National Security Agency.
The security agencies say that an organisation they dub APT29 — also known “the Dukes” or “Cozy Bear” — “almost certainly operate as part of Russian Intelligence Services”, with attacks aimed at a host of institutions involved in work on a coronavirus vaccine.
The group was linked to the 2016 attack on the Democratic National Committee ahead of Donald Trump’s election as US president in 2016.
The NCSC’s director of operations, Paul Chichester, said: “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic. Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector. We would urge organisations to familiarise themselves with the advice we have published to help defend their networks.”
The organisations accuse the group of using a string of techniques including spear-phishing — tricking people into sharing sensitive information — and custom malware to target UK, US and Canadian vaccine research and development organisations.
A Downing Street spokesperson said: “The attacks which are taking place against scientists and others doing vital work to combat coronavirus are despicable. Working with our allies, we will call out those who seek to do us harm in cyber space and hold them to account.”
While the release does not name specific organisations that have been targeted, it is understood that UK authorities are working with vaccine researchers at the University of Oxford and Imperial College London to make them aware of the threat.
The attackers are accused of trying to access and steal information about vaccine research and supply chains rather than directly disrupt their work.
While relatively few in number, the attacks are said to be ongoing and highly targeted, taking place over the past five months as the world grappled with the Covid-19 pandemic.
Foreign Secretary Dominic Raab said it was "completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic".
He added: “While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health. The UK will continue to counter those conducting such cyberattacks, and work with our allies to hold perpetrators to account.”
The invalidation of the EU-US data-protection agreement could have major ramifications for UK organisations’ legal responsibilities
CyberArk, our sponsor for PublicTechnology Cyber Week, writes about how industry and government are working together to meet Australia’s cyber challenges
Annual fraud data shows lost phones, online shopping sprees and some mysterious missing timepieces
Foreign affairs committee chair Tom Tugendhat says false claims and fake press releases were sent to friends and professional contacts