UK Security Officials Expose Cozy Bear Russian State Hackers Targeting Coronavirus Research


According to security officials in the UK, Russian cyber actors have been targeting organizations that are involved in coronavirus (COVID-19) vaccine development. The National Cyber Security Centre (NCSC), which is part of GCHQ, published an advisory that detailed the activity of the Russian threat group known as APT29. The same group also goes by the name "The Dukes" or "Cozy Bear."

According to the security officials, the group is "almost certainly" operating as part of Russian intelligence services. The UK isn't alone in coming to these conclusions. The NCSC points out that its partners at Canada's Communications Security Establishment, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, and the NSA all agree.

APT29 is behind an ongoing campaign of malicious activity directed predominantly against government, diplomatic, think-tank, healthcare, and energy targets. Authorities say the goal of the malicious actors is to steal valuable intellectual property. The NCSC has condemned what it calls "despicable attacks" that are aimed at those fighting the coronavirus pandemic around the world.

The agency says that it and its allies are committed to protecting critical assets and that the top priority at this time is to protect the health sector. The agency published an assessment to help organizations defend their networks. APT groups have been targeting organizations involved in national and international COVID-19 responses. So far, known targets have included vaccine research and development organizations in the UK, US, and Canada.

The nefarious group of attackers has used a variety of tools and techniques to attack the organizations. The tools include spear-phishing and custom malware known as "WellMess" and "WellMail." This isn't the first time that Russian hackers have targeted organizations abroad. In late 2019, Russian hackers modified Chrome and Firefox in a sophisticated scheme to spy on web traffic.

Shane McGlaun