The UK, US, and Canada have discovered hackers working on behalf of the Russian state launching attacks against coronavirus vaccine development projects.
WIRED UK
This story originally appeared on WIRED UK.
Criminals working for the hacking group Advanced Persistent Threat 29 (APT29), also known as Cozy Bear, have been caught attacking pharmaceutical businesses and academic institutions involved in vaccine development. Officials in the three countries believe these have been attempts to steal intellectual property and information about potential vaccine candidates.
The hackers used “custom malware” that’s not been previously linked to Russia and a number of publicly known vulnerabilities in widely used software, such as VPNs. These have been accompanied with spear-phishing attempts that have looked to gather login details to “internet-accessible” parts of the organizations targeted.
They’re so confident in the attacks emanating from Russia that the UK’s National Cybersecurity Centre (NCSC), Canadian Communication Security Establishment, and various US security agencies, including the NSA and Department for Homeland Security, have decided to publicly call out APT29. The public shaming is the latest in an increasingly hostile approach to hacking by groups working on behalf of Russia and comes at the same time as an admission from the UK government that Russia tried to influence the 2019 general election.
APT29 is widely believed to be linked to the Russian intelligence services and has been involved in a high number of cyberattacks in recent years, including the hacking of the Democratic National Committee ahead of the 2016 US ..
Support the originator by clicking the read the rest link below.
