Coronavirus: Russian spies target Covid-19 vaccine research

Russian hackers are targeting organisations trying to develop a coronavirus vaccine in the UK, US and Canada, security services have warned.

Coronavirus: Russian spies target Covid-19 vaccine research

Russian hackers are targeting organisations trying to develop a coronavirus vaccine in the UK, US and Canada, security services have warned.

The UK's National Cyber Security Centre (NCSC) said the hackers "almost certainly" operated as "part of Russian intelligence services".

It did not specify which organisations had been targeted, or whether any information had been stolen.

But it said vaccine research had not been hindered by the hackers.

Foreign Secretary Dominic Raab said: "It is completely unacceptable that the Russian intelligence services are targeting those working to combat the coronavirus pandemic.

"While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health."

The warning was published by a international group of security services:

  • the UK's NCSC
  • the Canadian Communication Security Establishment (CSE)
  • the United States Department for Homeland Security (DHS) Cyber-security Infrastructure Security Agency (CISA)
  • and the US National Security Agency (NSA)
 
 
 
 

In recent years, Western security agencies have become more willing to call out hackers targeting companies and organisations in their countries in the hope it will deter them.

But the latest accusations are more unusual since officials are directly pointing the finger at Russian spies rather than talking generally about "state-backed hackers" or using other more cautious references.

And they are also challenging them over targeting something that the general public recognises as being highly sensitive - coronavirus vaccine research - rather than simply some company or government department's information.

However, on another level we should not be too surprised by the claim.

Understanding vaccine research and other details about the pandemic has become a top target for intelligence agencies around the world and many others, including Western spies, are likely to be active in this space.

 
 

The UK, US and Canadian agencies said the hackers had exploited software flaws to get access to vulnerable computer systems, and had used malware called WellMess and WellMail to upload and download files from infected machines.

They are also said to have tricked individuals into handing over login credentials with spear-phishing attacks.

  • Phishing emails are designed to trick the recipient into handing over their personal information
  • Spear phishing is a targeted and personalised form of the attack, designed to trick a specific individual. Often the email appears to come from a trusted contact, and may include some personal information to make the message seem more convincing

 

BBC