Russian hackers are targeting organisations trying to develop a coronavirus (COVID-19) vaccine in the UK, US and Canada, security services have warned.
The UK’s National Cyber Security Centre (NCSC) said the hackers “almost certainly” operated as “part of Russian intelligence services”.
It did not specify which organisations had been targeted, or whether any information had been stolen.
But it said vaccine research had not been hindered by the hackers.
The hackers are part of a group called APT29, also known as “the Dukes” or “Cozy Bear”.
The NCSC said it was more than 95 per cent certain that APT29 was part of the Russian intelligence services.
Foreign Secretary Dominic Raab said: “It is completely unacceptable that the Russian intelligence services are targeting those working to combat the coronavirus pandemic.
“While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health.”
It said the hackers exploited software flaws to get access to vulnerable computer systems, and used malware called WellMess and WellMail to upload and download files from infected machines.
They also tricked individuals into handing over login credentials with spear-phishing attacks. The report includes recommendations that can help protect organisations from cyber-attacks.
“Throughout 2020, APT29 has targeted various organisations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines,” the report said.
On Thursday, the UK government also said Russians “almost certainly” sought to interfere in the 2019 UK general election through illicitly acquired documents. -BBC
