Britain, Canada, and the United States have accused Russia of trying to steal COVID-19 vaccine and treatment research from academic and pharmaceutical institutions around the world.
The British National Cybersecurity Center (NCSC) said on July 16 that hacking group APT29, also known as the Dukes or Cozy Bear, has targeted organizations involved in the development of a COVID-19 vaccine in the three countries.
It said the group's attacks were ongoing, “highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines.”
APT29 “almost certainly operate as part of [the] Russian Intelligence Services,” the NCSC said, adding that the United States and Canada shared its assessment.
Paul Chichester, the NCSC’s director of operations, condemned “these despicable attacks against those doing vital work to combat the coronavirus pandemic."
British Foreign Secretary Dominic Raab said it was "completely unacceptable" for Russian intelligence services to target work on the coronavirus, adding that Britain will work with its allies to hold perpetrators to account.
"While others pursue their selfish interests with reckless behavior, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health," Raab said in a statement.
The announcement comes as the British government said that “Russian groups almost certainly sought to interfere” in Britain’s general elections last year “through illicitly acquired documents.”
The documents, regarding British-U.S. trade talks, emerged online.
In a statement, Raab said there was "no evidence of a broad spectrum Russian campaign against the general election" but that "any attempt to interfere in our democratic processes is completely unacceptable."
The accusation comes as a much-delayed report into allegations of wider Russian interference into British democracy, such as during the referendum on remaining in the European Union, is expected next week.
Kremlin spokesman Dmitry Peskov said Russia has “nothing to do” with any alleged hacker attacks on pharmaceutical companies and research institutes in Britain or allegations of Russian meddling in the country’s elections.
In its advisory, the NCSC said Cozy Bear exploited software flaws to get access to vulnerable computer systems, and used malware to upload and download files from infected machines.
They also tricked individuals into handing over log-in credentials with phishing and spear-phishing attacks.
Britain did not say which organizations were targeted, or whether any information had been stolen.
The United States has identified Cozy Bear as one of the Russian government-linked hacking groups that hacked the Democratic National Committee computer network ahead of the 2016 U.S. presidential election.