Russian hackers accused of trying to steal coronavirus vaccine research from the U.S. is straight out of the Kremlin’s cyber playbook and shows how they’re “willing to hack just about anything,” especially during a global pandemic, security experts told the Herald.
It doesn’t appear that the alleged hacking set back vaccine development in the U.S., the experts added.
The U.S., U.K. and Canada on Thursday revealed that Russian cyber actors are targeting organizations involved in the coronavirus vaccine development.
“It’s not surprising at all,” said Jason Blazakis, director of the Center on Terrorism, Extremism, and Counterterrorism at the Middlebury Institute of International Studies at Monterey. “This has been part of the Russians’ overarching playbook, to use their cyber capabilities to steal information and drug-related secrets.
“Russians wanting to steal information about the vaccine during a time of great instability is not surprising at all,” he added.
The three Western nations in a joint press release detailed activities of the cyber threat group known as APT29, which has exploited organizations around the world. APT29, also named “the Dukes” or “Cozy Bear” almost certainly operates as part of Russian intelligence services, officials said.
“APT29’s campaign of malicious activity is ongoing, predominantly against government, diplomatic, think-tank, healthcare and energy targets to steal valuable intellectual property,” the joint advisory reads.
British Foreign Secretary Dominic Raab said in a statement, “It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic. While others pursue their selfish interests with reckless behaviour, the U.K. and its allies are getting on with the hard work of finding a vaccine and protecting global health.”
The group APT29 uses a variety of tools and techniques, including spear-phishing and custom malware known as “WellMess” and “WellMail,” according to the advisory.
“We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic,” Paul Chichester, the U.K.’s National Cyber Security Centre director of operations, said in a statement. “Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector.”
The Russian Embassy in the U.S. denied the allegations, writing on Twitter, “Accusations against @Russia of hacker attacks on Western pharmaceutical companies are an attempt to tarnish the Russian #Covid19 vaccine, which may become the world’s first.”
These recent allegations are further evidence that Russia is “a hacking power and willing to hack almost anything,” said Chris Miller, co-director of the Russia and Eurasia Program at The Fletcher School at Tufts University.
People might be concerned about this disrupting U.S. activities to develop a vaccine, but the hacking didn’t appear to delay vaccine efforts, he noted.
The three nations — U.S., U.K. and Canada — coming together on this statement is part of the allies’ strategy to “maim and shame Russia for its hacking efforts,” Miller said.
“A lot of people in government think that maiming and shaming will deter Russia,” he said. “This coordinated effort is to design credibility for the statement, and show that this is something to be taken seriously.”