Advertisement

US, Canada, UK accuse Russia of hacking COVID-19 vaccine trials

LONDON – Hackers backed by the Russian government are attempting to steal information from researchers and pharmaceutical companies racing to find a COVID-19 vaccine, Britain, the United States and Canada alleged Thursday.

Britain’s National Cybersecurity Centre said the hackers were "almost certainly" connected to Russia's intelligence services. Britain made the announcement in coordination with authorities in the U.S. and Canada.

The three nations alleged that hacking group APT29, also known as Cozy Bear, is attacking academic and drug research institutions involved in coronavirus vaccine development. The announcement did not specify which institutions and companies had been targeted or whether any vaccine information had been stolen.

"It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic,″ Dominic Raab, Britain's foreign secretary, said in a statement. "While others pursue their selfish interests with reckless behavior, the U.K. and its allies are getting on with the hard work of finding a vaccine and protecting global health."

The National Cybersecurity Centre said that it had detected a prolonged campaign of "malicious activity" from Russia-backed hackers that includes attacks "predominantly against government, diplomatic, think-tank, healthcare and energy targets."

The statement from the National Cybersecurity Centre did not say whether Russian President Vladimir Putin knew about the vaccine research hacking.

Russia denied responsibility.

"We do not have information about who may have hacked into pharmaceutical companies and research centers. We can say one thing: Russia has nothing at all to do with these attempts," said Dmitry Peskov, a spokesman for President Vladimir Putin, according to Russia's Tass news agency.

Matthew Schmidt, a political scientist at the University of New Haven, said that the hacked vaccine research is a "statement of the weakness of Russian science under 20 years of Putin’s rule."

Cozy Bear, also known as the "dukes," has been identified by Washington as one of two Russian government-linked hacking groups that broke into the Democratic National Committee computer network and stole emails ahead of the 2016 presidential election. The other group is usually called Fancy Bear.

"The only question remaining is whether Donald Trump will condemn this latest aggression by Putin's Russia, and if not, why not?" said Rep. Adam Schiff, D-Calif., chairman of the House Permanent Select Committee on Intelligence.

Russian hackers: Cybersecurity firm warns of effort to penetrate Senate email system

A 16-page advisory made public by Britain, the U.S. and Canada on Thursday accuses Cozy Bear of using custom malicious software to target a number of organizations globally. The malware, called WellMess and WellMail, has not previously been associated with the hacking group, the advisory said.

"In recent attacks targeting COVID-19 vaccine research and development, the group conducted basic vulnerability scanning against specific external IP addresses owned by the organizations. The group then deployed public exploits against the vulnerable services identified," the advisory said.

The U.S. Department of Homeland Security’s cybersecurity agency warned in April that cybercriminals and other groups were targeting COVID-19 research, noting at the time that the increase in people teleworking because of the pandemic had created potential avenues for hackers to exploit.

Vulnerable targets include health care agencies, pharmaceutical companies, academia, medical research organizations, and local governments, security officials have said.

The global reach and international supply chains of these organizations also make them vulnerable, the U.S. Cybersecurity and Infrastructure Security Agency said in an alert published in conjunction with its counterparts in Britain.

U.S. authorities have for months leveled similar accusations against China.

Speaking in Michigan on Thursday, Attorney General William Barr said that China-linked "hackers have targeted American universities and firms in a bid to steal (intellectual property) related to coronavirus treatments and vaccines, sometimes disrupting the work of our researchers ... Beijing is desperate for a public relations coup, and may hope that it will be able to claim credit for any medical breakthroughs."

Barr also said that American companies, particularly medical suppliers, have become extraordinarily reliant on China for face masks, medical gowns and other medical devices and that the COVID-19 pandemic "has thrown a spotlight on that dependency."

In this March 16, 2020, file photo, a subject receives a shot in the first-stage safety study clinical trial of a potential vaccine by Moderna for COVID-19, the disease caused by the new coronavirus, at the Kaiser Permanente Washington Health Research Institute in Seattle. According to results released on Tuesday, July 14, 2020, early-stage testing showed the first COVID-19 vaccine tested in the U.S. revved up people’s immune systems the way scientists had hoped. The vaccine is made by the National Institutes of Health and Moderna Inc.

Can you get infected with COVID-19 twice? Experts say possibility is 'certainly real'

24 hours in a COVID-19 hot spot leaves no walk of life unscathed: This is what it's like

Contributing: Kevin Johnson

This article originally appeared on USA TODAY: Russia accused of hacking COVID-19 vaccine trials by US, Canada, UK