UPDATE: Canada, US, UK intel agencies accuse Russian hackers of trying to steal COVID-19 vaccine data - InfoNews

Current Conditions


UPDATE: Canada, US, UK intel agencies accuse Russian hackers of trying to steal COVID-19 vaccine data

In this March 16, 2020, file photo, a subject receives a shot in the first-stage safety study clinical trial of a potential vaccine by Moderna for COVID-19, the disease caused by the new coronavirus, at the Kaiser Permanente Washington Health Research Institute in Seattle. Canadian, British and U.S. security services say hackers they believe are working for Russian intelligence have been trying to steal research on COVID-19 vaccines from organizations in all three countries and around the world.
Image Credit: THE CANADIAN PRESS/AP/Ted S. Warren, File
July 16, 2020 - 11:22 AM

OTTAWA - Canada, Britain and the United States denounced Russian hackers for trying to steal research on COVID-19 vaccines from organizations in all three countries and around the world.

The joint declaration, led by Britain, said the hackers were almost certainly working for Russian intelligence and accused them of disrupting the global efforts to find a vaccine for the novel coronavirus.

Canada's Communications Security Establishment said the malicious cyberactivities were very likely undertaken to pilfer information and intellectual property relating to the development and testing of vaccines.

The cyberspy agency said the clandestine activity is hindering response efforts at a time when health-care experts and medical researchers need every available resource to help fight the pandemic.

This assessment was supported by partners at Britain's Government Communications Headquarters' National Cyber Security Centre, the U.S. National Security Agency, and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency.

"In these challenging times, it is all the more important to defend our own health care organizations, national interests, and that of our allies, the United Kingdom and the United States, from malicious state actors attempting to steal information and intellectual property," said Defence Minister Harjit Sajjan and Foreign Affairs Minister Francois-Philippe Champagne.

"We must call out irresponsible state behaviour that violates the rules-based international order and strive to live and work in a cyber environment that is open, stable, peaceful and secure. In Canada, we are committed to defending these principles in cyberspace, especially when they touch on the interests of Canadians."

The Canadian government would not say what if any diplomatic action had been taken against Russia.

Nor did the joint assessment specifically say whether the hackers had been successful, but Canadian vaccine makers were following the advice of the intelligence agencies and taking precautions.

British Foreign Secretary Dominic Raab took to Twitter to express Britain's solidarity with Canada and the U.S. "against the reckless actions of Russia's intelligence services, who we have exposed today for committing cyber attacks" against those working on a COVID-19 vaccine. Raab said the hackers were undermining vital global co-operation to defeat the pandemic.

The CSE's Centre for Cyber Security assessed that a group labelled APT29, also known as "the Dukes" or "Cozy Bear," was responsible, and almost certainly operates as part of Russian intelligence services.

"The group uses a variety of tools and techniques to predominantly target governmental, diplomatic, think-tank, health-care and energy targets for intelligence gain," said the joint advisory from the CSE and its allies.

"APT29 is likely to continue to target organizations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic."

Paul Chichester, the British cybersecurity centre's director of operations, said it was working with allies to protect the health sector.

"We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic," said Chichester.

"We would urge organizations to familiarize themselves with the advice we have published to help defend their networks."

The CSE urged Canadian health organizations to review the advisory on the threat and to take any necessary actions to protect themselves. "We encourage them as well to contact the Cyber Centre if they suspect they have been targeted by cyberactors."

One company, Medicago, said it was aware of cyberattacks targeting the networks of organizations working on COVID-19 vaccine development.

"We take this threat seriously. Medicago has a strong cybersecurity infrastructure in place, and we continue to be in contact with authorities to further secure our network and infrastructure," a company spokesman said in a statement.

The joint advisory said APT29 targeted COVID-19 vaccine research and development by scanning specific computer IP addresses of interest for vulnerabilities, a tactic that can help the group obtain login credentials to systems.

"This broad targeting potentially gives the group access to a large number of systems globally, many of which are unlikely to be of immediate intelligence value," the advisory says.

"The group may maintain a store of stolen credentials in order to access these systems in the event that they become more relevant to their requirements in the future."

This report by The Canadian Press was first published July 16, 2020.

News from © The Canadian Press, 2020
The Canadian Press

  • Popular vernon News
View Site in: Desktop | Mobile