• The United Kingdom’s National Cyber Security Centre (NCSC) has revealed a hacking group linked to Russian intelligence is targeting organisations searching for a COVID-19 cure 
• The NCSC has revealed that the Russian hacking groups APT29 are most likely behind the attacks 
• APT29 are one of the most notorious cybercrime groups in the world, rising to infamy in 2016 by successfully hacking the Clinton presidential campaign
• The NSCS believes the group is almost certainly part of Russia’s intelligence services and were targeting intellectual property relating to the development of COVID-19 vaccines
• The allegations have been supported by the Canadian Communications Security Establishment and the U.S. National Security Agency  

The United Kingdom’s National Cyber Security Centre (NCSC) has revealed a hacking group linked to Russian intelligence is targeting COVID-19 research organisations.

The stunning allegations have been levelled at a group known as APT29, whose aliases include The Dukes and Cozy Bear.  

APT29 are one of the most notorious cybercrime groups in the world, rising to infamy in 2016 by successfully hacking the Clinton Presidential campaign.

In announcements released today, both the Canadian Communications Security Establishment and the U.S. National Security Agency reinforced the group’s links to the Russian intelligence community. 

The NSA’s Cybersecurity Director Anne Neuberger said the APT29 has a long history of targeting governmental, diplomatic, think-tank, health care and energy organisations.  

APT29 targeted various organisations across Canada, the United States and the United Kingdom, which are currently developing a vaccine to treat COVID-19. The group used its own custom welfare known as WellMess and WellMail to target the organisations. 

The NCSC believes this was done with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines.   

WellMess and WellMail are spearfishing systems, which target an organisation’s employees to glean sensitive information.

The NCSC Director of Operations, Paul Chichester condemned what he described as despicable attacks against people performing vital work to combat the coronavirus pandemic. 

“Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector. 

“We would urge organisations to familiarise themselves with the advice we have published to help defend their networks,” he said. 

Related News

• Waning appetites for green metals and the ‘comfortable’ safe haven of gold: Thoughts on investment and commodities
• The ASX gold miners benefiting most from gleaming bullion prices
• GDP grows 0.2% in June quarter, but annual growth the slowest since the 1990s
• Inflation cools in the 12 months to July, with reading of 3.5%