CATEGORIES
home News

UK Security Officials Expose Cozy Bear Russian State Hackers Targeting Coronavirus Research

by Shane McGlaunFriday, July 17, 2020, 12:19 PM EDT
russian hack

According to security officials in the UK, Russian cyber actors have been targeting organizations that are involved in coronavirus (COVID-19) vaccine development. The National Cyber Security Centre (NCSC), which is part of GCHQ, published an advisory that detailed the activity of the Russian threat group known as APT29. The same group also goes by the name "The Dukes" or "Cozy Bear."

According to the security officials, the group is "almost certainly" operating as part of Russian intelligence services. The UK isn't alone in coming to these conclusions. It points out that partners at the Canadian Communication Security Establishment and the U.S. Department for Homeland Security, Cyber Security Infrastructure Security Agency, and the NSA all agree.

APT29 has been behind the campaign of malicious activity that is ongoing and predominantly engaged against government, diplomatic, think-tank, healthcare, and energy targets. Authorities say the goal of the malicious actors is to steal valuable intellectual property. The NCSC has condemned what it calls "despicable attacks" that are aimed at those fighting the coronavirus pandemic around the world.

The agency and its allies are committed to protecting critical assets and says that the top priority at this time is to protect the health sector. The agency published an assessment to help organizations defend their networks. APT groups have been targeting organizations involved in national and international COVID-19 responses. So far, known targets have included vaccine research and development organizations in the UK, US, and Canada.

The nefarious group of attackers has used a variety of tools and techniques to attack the organizations. The tools include spear-phishing and custom malware known as "WellMess" and "WellMail." This isn't the first time that Russian hackers have targeted organizations abroad. In late 2019 Russian hackers modified Chrome and Firefox in a sophisticated scheme to spy on web traffic.

Tags:  Russia, Hackers, GCHQ, coronavirus, covid-19, cozy bear
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment