Russian Hackers Could Be Hacking COVID-19 Vaccines

Russian hackers are targeting research centers that are involved in the development of a vaccine for the COVID-19 pandemic, according to a U.K.-based government security organization.

The National Cyber Security Center (NCSC) says a group of Russian adversaries called "APT29," a.k.a. "the Dukes" or "Cozy Bear," is running a campaign of malicious activity.

According to the advisory, Cozy Bear is targeting U.K., U.S., and Canada based vaccine research and development organizations. The U.S. National Security Agency (NSA) and Canada's Communications Security Establishment have confirmed the report.

The threats come as vaccine studies in the U.S. and U.K. have turned up promising results. Last week, for example, the Massachusetts-based biotechnology firm Moderna published data that suggests early-stage trials of its experimental shot are working. Patients who were injected with the vaccine had more neutralizing antibodies than even most people who have recovered from COVID-19. Moderna details those results in the New England Journal of Medicine.

Dmitry Peskov, a spokesperson for the Kremlin, told the Russian news agency RIA-Novosti that Russia had "nothing to do" with the COVID-19-related hacking attacks. "We do not have information regarding who could have hacked pharmaceutical companies and research centers in the UK," he said. "We can say one thing, Russia has nothing to do with these attempts."

Based on Cozy Bear's past, organizations should take the threat seriously, said Anne Neuberger, cyber security director for the NSA. Experts believe Cozy Bear is one of the two Russian hacking groups that gained access to the Democratic National Committee's internal systems prior to the 2016 U.S. Presidential election.

Cozy Bear's tools include spear-phishing, and the use of a custom type of malware known as "WellMess" and "WellMail."

Spear-phishing occurs when a target receives an email that looks like it's coming from a trustworthy source, but is actually from a bad actor. Sometimes, the emails even appear urgent and like they're from important sources.

The links inside the spear-phishing emails often redirect users to a website full of malware, or a piece of software that's written with the express intent to damage devices or steal data. These can take the form of computer viruses, Trojans (malicious programs disguised as legitimate software), spyware (covertly transmitting data from the target computer), and ransomware (asks for a ransom to unlock your device).

"We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic," Paul Chichester, director of operations for NCSC, said in the organization's statement. "Our top priority at this time is to protect the health sector."

At Dallas Network Services, we work with a large variety of businesses based in Dallas and Fort Worth (DFW) and the surrounding area such as Addison, Plano, Carrollton, Denton, Richardson, Garland and beyond. We also extend our reach outside the area to include all Texas and other states. We provide on premise server support including Microsoft Exchange as well as Cloud computing services and hosted solutions. We specialize project services, network support, desktop support and voice over IP (VoIP) business phones. Our fully managed IT services will improve your business reliability as well as your bottom line. Contact us today at www.dallasnetworkservices.com chat or call 214-696-6630. #DNS#dallasnetworkservices#techsupport#hacker#cybersecurity#MSP