(The Canadian Press)

Russian hackers seeking to steal COVID-19 vaccine data: intel agencies

It is believed APT29, also known as ‘the Dukes’ or ‘Cozy Bear’ was responsible

Canadian, British and U.S. security services say hackers they believe are working for Russian intelligence have been trying to steal research on COVID-19 vaccines from organizations in all three countries and around the world.

Canada’s Communications Security Establishment says the malicious cyberactivities were very likely undertaken to pilfer information and intellectual property relating to the development and testing of vaccines for the novel coronavirus.

The cyberspy agency says the clandestine activity is hindering response efforts at a time when health-care experts and medical researchers need every available resource to help fight the pandemic.

The CSE’s Centre for Cyber Security assesses that APT29, also known as ”the Dukes” or “Cozy Bear,” was responsible, and almost certainly operates as part of Russian intelligence services.

“The group uses a variety of tools and techniques to predominantly target governmental, diplomatic, think-tank, health-care and energy targets for intelligence gain,” says a joint advisory from the CSE and its allies.

“APT29 is likely to continue to target organizations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic.”

This assessment is supported by partners at Britain’s Government Communications Headquarters’ National Cyber Security Centre, the U.S. National Security Agency, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

The CSE is urging Canadian health organizations to review a technical advisory on the threat and to take any necessary actions to protect themselves. “We encourage them as well to contact the Cyber Centre if they suspect they have been targeted by cyberactors.”

The joint advisory says APT29 targeted COVID-19 vaccine research and development by scanning specific computer IP addresses of interest for vulnerabilities, a tactic that can help the group obtain login credentials to systems.

“This broad targeting potentially gives the group access to a large number of systems globally, many of which are unlikely to be of immediate intelligence value,” the advisory says.

“The group may maintain a store of stolen credentials in order to access these systems in the event that they become more relevant to their requirements in the future.”

By Jim Bronskill , The Canadian Press

Like us on Facebook and follow us on Twitter.

Want to support local journalism? Make a donation here.

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Vernon Vipers looking to build on strong finish

BC Hockey League office looks at the “Next Generation” of Vipers’ squads

West Kelowna man found dead in van on Vernon road

Foul play is not suspected in death of 39-year-old found Saturday, Aug. 1

Coldstream, Vernon golfers crack top-100 at B.C. Amateur

Braxton McDonald, Braeden Cooper, Ryan Vest among those competing at prestigious provincial event

Fires ignite on Revelstoke’s Mt. Begbie; Kamloops Fire Centre blazes holding

Crews working throughout region over holiday weekend to contain wildfires

Vernon groups breathe sighs of relief following Community Futures cash

Organization offers relief funds to Elks Lodge and Canadian Mental Heath for operations

VIDEO: Otter pups learn to swim at B.C. wildlife rescue facility

Watch Critter Care’s Nathan Wagstaffe help seven young otters go for their first dip

Reported Big White wildfire dubbed ‘smoke chase’

Crews responded to the area but could not locate a fire

Alleged impaired driver sparks small wildfire near Lytton after crash: B.C. RCMP

Good Samaritans prevented the blaze from getting out of control

Wildfire in West Kelowna’s Rose Valley grows to 3 hectares

The fire was first reported at around 2:30 p.m. on Aug. 2.

Travel restrictions inspiring co-operation in border communities

Small border towns are asking for exemption to travel ban

B.C. First Nation adopts ‘digital twinning’ software to better manage territory

Software allows users to visualize what a mountain might look like if the trees on its slopes were logged

All inquiry recommendations implemented after fatal Port Hardy RCMP shooting: Ministry

The Independent Investigations Office of B.C. cleared the RCMP officers involved of wrongdoing

Most Read