Vladimir Putin behind Russian Cozy Bear hackers’ attempt to steal UK’s coronavirus vaccine
VLADIMIR Putin’s Russia is behind repeated cyber attacks to try and steal a coronavirus vaccine from Britain, it was revealed today.
The UK has been able to point the finger at Russia for the very first time in explosive claims President Putin knew about attacks on Britain’s coronavirus vaccine project.
Read our coronavirus live blog for the latest news & updates
Explosive revelations claim Vladimir Putin knew about cyber attacks on Britain’s coronavirus research projects[/caption]
Cyber attacks to try and steal research on a coronavirus vaccine could have come from Russia[/caption]
The group of cyber hackers are believed to be part of Russian intelligence services[/caption]
A joint operation with the US and Canada has uncovered a “malicious campaign” to steal information uncovered by Britain’s top scientists on coronavirus with targeted attacks since March.
No10 said today they believe the attacks came from a group known at APT29 – part of the Russian intelligence service.
The clandestine group of hackers is also known as “the Dukes” or “Cozy Bear”.
The PM’s official spokesman said today: “The attacks which are taking place against scientists and others doing vital work to combat coronavirus are despicable.
“Working with our allies, we will call out those who seek to do us harm in cyber space and hold them to account.”
Here’s what we know about the attacks:
- A group called APT29 linked to Russian intelligence services is behind a series of coordinated attacks to try and steal UK vaccines
- UK security services are “almost certain” the attacks were sponsored by Russia – and President Putin knew about them
- Vaccine research programs are being given the highest level of protection to protect data on coronavirus jabs
- The same group has been linked to attacks on US Democratic Party in the run-up to 2016 elections
- The group are trying to exploit known vulnerabilities in well known security software such as VPN software & external mail servers
The National Cyber Security Centre have thrown every protection they have at Britain’s vaccination projects to keep them safe from attempts to steal information.
British research projects are at the forefront of the effort to find a vaccine with scientists at Oxford University and Imperial University London leading the charge to prevent thousands more from dying.
The first phase of human trials at Oxford University have raced ahead of worldwide projects and shown evidence their experimental jab generates an immune response against the killer virus.
Professor Sarah Gilbert is leading the hunt for a vaccine at Oxford University[/caption]
Advanced persistent threat (APT) group Cozy Bear have been trying to crack into Britain’s tightly held information on a coronavirus vaccine.
The group – which are believed to be linked to Russian’s intelligence services – were also behind the 2016 hacking of the Pentagon, the Democratic National Committee and several US NGOs.
Cozy Bear – also known as “the Dukes” have been active since at least 2008, according to researchers at Slovak cybersecurity company – who have been tracking the group since 2013.
They’ve also been dubbed the “Office Monkeys” because of their high-profile attack on the US Government in 2014.
The hackers use email phishing to launch their cyber attacks – and in 2014 passed security malware by using a comedic video of monkeys working in an office.
After disappearing following the 2016 cyber attacks, Cozy Bear made a come back launching a bid to hack customers that work the the US government agencies using similar tactics as their previous campaigns.
The name “the Dukes” comes from one of their primary cyber weapons known as MiniDuke.
NCSC Director of Operations Paul Chichester, said: “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic.
“Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector.
“We would urge organisations to familiarise themselves with the advice we have published to help defend their networks.”
The shocking revelations also show intelligences services believe knowledge of the attacks goes to the highest level of the Kremlin – Russian President Vladimir Putin.
But they can’t say whether or not it was ordered by the Russian leader.
The hackers have been trying to break into data held by pharmaceutical companies and research bodies by exploiting well-known vulnerabilities in security software – such as VPN and external mail servers.
Officials warned the threat from Russia goes even deeper than just vaccination efforts.
The group is the same one who were implicated in attacks on the US Democratic Party in the run up to the 2016 election.
Intelligence services also uncovered that Russia tried to meddle in the UK election last year by spreading documents on US and UK trade talks to Jeremy Corbyn.
The ex-Labour leader used the leaked documents – claiming the NHS was “up for sale” – in a stunt to try and smear the Tories to try and avoid his disastrous election loss.
But Foreign Secretary Dominic Raab said today the leaked documents had been “amplified” by Russian spooks after they were posted on the online forum Reddit.
Russian actors then sought to promote them further and get more media attention to try and interfere in the UK’s election, the Government said.
GCHQ boss Jeremy Fleming said in a rare interview at the Cheltenham science festival last month that state spies and criminals would target the vaccination projects.
He said: “We do know that, whether it’s states or criminals they are going after things which are sensitive to us.
“So it’s a high priority for us to protect the health sector, particularly the race to acquire a vaccine.”
He said hackers would look for “pretty basic vulnerabilities” such as “lures to get people to click on the wrong thing… where people aren’t backing up properly or whether they’ve got basic passwords and so on.”
How to stay safe from hackers
- Protect your devices and networks by keeping them up to date: use the latest supported versions, use anti-virus and scan regularly to guard against known malware threats.
- Use multi-factor authentication to reduce the impact of password compromises.
- Tell staff how to report suspected phishing emails, and ensure they feel confident to do so, investigate their reports promptly and thoroughly.
- Set up a security monitoring capability so you are collecting the data that will be needed to analyse network intrusions
- Prevent and detect lateral movement in your organisation’s networks.
Medical research organisations working on potential vaccines in the US have also been warned to protect their data against cyber attacks – including those from China.
Bill Evanina, director of the National Counterintelligence and Security Center, told the BBC: “We have been working with our industry and government folk here very closely to ensure they are protecting all the research and data as best they can.
“We have every expectation that foreign intelligence services, to include the Chinese Communist Party, will attempt to obtain what we are making here.”
Most read in News
CORONAVIRUS CRISIS – STAY IN THE KNOW
Don’t miss the latest news and figures – and essential advice for you and your family.