[otw_shortcode_dropcap label=”W” font=”Ultra” background_color_class=”otw-no-background” size=”large” border_color_class=”otw-no-border-color”][/otw_shortcode_dropcap]estern countries such as Britain, the United States, and Canada banned together today to accuse “Russian hackers” of “trying to steal information from researchers seeking a coronavirus vaccine,” reported the Associated Press. Countries warned scientists and pharmaceutical researchers to “be alert for suspicious activity.”
The AP reports the intelligence agencies of the three nations concluded a hacking group known as “Cozy Bear” purported to be part of Russian intelligence, “is attacking academic and pharmaceutical research institutions involved in COVID-19 vaccine development.” It’s no surprise that Putin’s spokesman, Dmitry Peskov, denied accusations saying, “we don’t have information about who may have hacked pharmaceutical companies and research centers in Britain.” Peskov went a step further, demanding “We may say one thing: Russia has nothing to do with those attempts.”
British Foreign Secretary Dominic Raab accused Russia of “reckless behavior.” Britain’s National Cyber Security Centre also made a statement, saying Russia’s attacks are seen as a campaign of “malicious activity” which has been ongoing and “predominantly against government, diplomatic, think tank, health care and energy targets.” In a 16-page “advisory prepared by Western agencies accuses Cozy Bear of using custom malicious software to target a number of organizations globally” reported AP.
Although the malware, WellMess and WellMail had not previously been associated with the hacking group, the advisory stated, “in recent attacks targeting COVID-19 vaccine research and development, the group conducted basic vulnerability scanning against specific external IP addresses owned by the organizations. The group then deployed public exploits against the vulnerable services identified.”
Britain’s Cyber Security Centre said its information was shared by the U.S. Department of Homeland Security, the Cybersecurity Infrastructure Security Agency and the National Security Agency, and by the Canadian Communication Security Establishment. “The move at a coordinated position seemed designed to add heft and gravity to the announcement – hopefully prompting the targets of the hackers to take protective action” reported the AP.
Information technology expert at the University of Notre Dame, Mike Chapple, said “the biggest takeaway from these attacks is that other countries are actively targeting the health research industry and we’re seeing the pharmaceutical companies and others being targeted because they have the information that can be used to help alleviate this global pandemic.” Also, “it’s reasonable to conclude that the coronavirus is the No. 1 priority of every intelligence agency around the world right now” said Chapple.