(The Canadian Press)

Russian hackers seeking to steal COVID-19 vaccine data: intel agencies

It is believed APT29, also known as ‘the Dukes’ or ‘Cozy Bear’ was responsible

Canadian, British and U.S. security services say hackers they believe are working for Russian intelligence have been trying to steal research on COVID-19 vaccines from organizations in all three countries and around the world.

Canada’s Communications Security Establishment says the malicious cyberactivities were very likely undertaken to pilfer information and intellectual property relating to the development and testing of vaccines for the novel coronavirus.

The cyberspy agency says the clandestine activity is hindering response efforts at a time when health-care experts and medical researchers need every available resource to help fight the pandemic.

The CSE’s Centre for Cyber Security assesses that APT29, also known as ”the Dukes” or “Cozy Bear,” was responsible, and almost certainly operates as part of Russian intelligence services.

“The group uses a variety of tools and techniques to predominantly target governmental, diplomatic, think-tank, health-care and energy targets for intelligence gain,” says a joint advisory from the CSE and its allies.

“APT29 is likely to continue to target organizations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic.”

This assessment is supported by partners at Britain’s Government Communications Headquarters’ National Cyber Security Centre, the U.S. National Security Agency, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

The CSE is urging Canadian health organizations to review a technical advisory on the threat and to take any necessary actions to protect themselves. “We encourage them as well to contact the Cyber Centre if they suspect they have been targeted by cyberactors.”

The joint advisory says APT29 targeted COVID-19 vaccine research and development by scanning specific computer IP addresses of interest for vulnerabilities, a tactic that can help the group obtain login credentials to systems.

“This broad targeting potentially gives the group access to a large number of systems globally, many of which are unlikely to be of immediate intelligence value,” the advisory says.

“The group may maintain a store of stolen credentials in order to access these systems in the event that they become more relevant to their requirements in the future.”

By Jim Bronskill , The Canadian Press

Like us on Facebook and follow us on Twitter.

Want to support local journalism? Make a donation here.

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Shuswap dragon boaters honour teammate’s cancer-fighting accomplishments

Friends Abreast team provides special recognition outside Salmon Arm hospital

Invasive mussel monitoring stations detect 10 boats

Boats were headed to Okanagan and Thompson regions

Collisions with a barrier, a deer and a tree demand Chase RCMP’s attention

Transport truck shreds tires along concrete barrier on Highway 1 east of Kamloops

Salmon Arm’s first Bitcoin ATM installed in mall

The kiosk will allow people to buy cryptocurrency or sell it for cash.

Algae bloom highlights nutrient concerns in Shuswap water quality report

Shuswap Watershed Council releases 2019 water quality report

578 British Columbians currently infected with COVID-19

Seventy-eight new cases confirmed in past 24 hours

Man who drove into music festival crowd sentenced to 14 months in jail

Several people seriously hurt during event held near Princeton

Conservation seizes fawn illegally kept captive in Vancouver Island home

A Comox Valley resident charged and fined under the Wildlife Act

Vandals put Vernon public piano out of play

Downtown instrument destroyed, but public project is not over

Pandemic could be driving more parents to get on board with flu shot: study

University of B.C. study gauges willingness for parents to vaccinate children for influenza

Summerland mayor asks for community conversation on racism

Incidents in July prompt calls for dialogue

Westside wildfire human caused

Blaze started as a house fire and spread to the bush

Summerland working to reopen recreation facilities

Arena and pool are opening, but ball season will not proceed

Surrey man found guilty in West Kelowna killing of common-law spouse

Tejwant Danjou was convicted of second-degree murder in the July 2018 death of Rama Gauravarapu in West Kelowna

Most Read