Russian hackers have been using spear-phishing and malware to target U.S., British and Canadian groups.
Russian hackers are attempting to steal coronavirus vaccine research, the U.S., British and Canadian governments said Thursday, opening a dangerous new front in the cyberwars and intelligence battles between Moscow and the West.
The National Security Agency said APT29, the hacking group known as Cozy Bear that is associated with Russian intelligence, has been taking advantage of the chaos created by the pandemic to target health care organizations in search of intelligence on vaccines, Julian E. Barnes reports.
The Russian hackers have been targeting British, Canadian and American organizations researching vaccines, using spear-phishing and malware to try to get access to the research.
“We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic,” said Paul Chichester, the director of operations for Britain’s National Cyber Security Center.
Cozy Bear is one of the most high profile, and successful, hacking groups associated with the Russian government, and was implicated alongside the group Fancy Bear in the 2016 hacking of the Democratic National Committee.
“APT29 has a long history of targeting governmental, diplomatic, think-tank, health care and energy organizations for intelligence gain so we encourage everyone to take this threat seriously and apply the mitigations issued in the advisory,” said Anne Neuberger, the N.S.A.’s cybersecurity director.
The British and Canadian governments said Thursday that Cozy Bear is almost certainly part of the Russian intelligence services.