Russian state intelligence is hacking international research centers that are racing to develop a Covid-19 vaccine, the U.K., U.S. and Canadian governments said.
It is unclear whether research facilities have been damaged or if the vaccine programs have been set back as a result of the hacks but officials warned that the cyber attacks are ongoing.
In a dramatic statement on Thursday, Britain’s National Cyber Security Centre (NCSC) said vaccine and therapeutic sectors in multiple countries have been targeted by a group known as APT29, which it said is “almost certainly” part of Russian state intelligence. Security agencies in the U.S. and Canada later issued their own statements backing up the findings.
“It is completely unacceptable that the Russian intelligence services are targeting those working to combat the coronavirus pandemic,” British Foreign Secretary
The intelligence bombshell came at a delicate time in geopolitics with a combative U.S. election looming in November and the pandemic plunging the world economy into recession. Coronavirus has launched a global race for a vaccine, in which researchers in the U.K. have made progress recently.
Back in Moscow, President
Russia denied any involvement in hacking coronavirus vaccine research. “We don’t know who may have hacked pharmaceutical companies and research centers. We can only say Russia has nothing to do with these attempts,” Kremlin spokesman
Yet the NCSC said APT29, which also goes by the name of Cozy Bear or The Dukes, has targeted U.K., U.S. and Canadian vaccine research and development organizations. The campaign of malicious activity is ongoing, predominantly against government, diplomatic, think-tank, healthcare and energy targets to steal valuable intellectual property, it said.
Researchers have long linked APT29 to Russian intelligence agencies. For more than a decade, the group has carried out hacking campaigns that have targeted dozens of governments, research institutes, and corporations around the world, according to an analysis published in March by cybersecurity firm Carbon Black.
In 2016, US cybersecurity firm Crowdstrike linked APT29 to hack of the Democratic National Committee. The Russian hackers penetrated the DNC’s servers in the summer of 2015, and maintained access to the organization’s data for about a year, according to Crowdstrike researchers.
On Thursday, Britain’s findings were supported by its Canadian and U.S. partners, including the National Security Agency.
The NSA said organizations in the U.S. involved in vaccine development were also targeted by the hackers. The objective of the hacking was “likely to steal information and intellectual property relating to the development and testing of Covid-19 vaccines,” according to the NSA statement.
The announcement has political implications because President
The White House reaction to the news was muted on Thursday, with spokeswoman
U.S. officials have said China is also working to steal U.S. vaccine research. Attorney General
The Canadian government also released a statement, confirming Ottawa is working with Westminster and Washington to stop the “malicious cyber activities.” It said the hacks “serve to hinder response efforts at a time when healthcare experts and medical researchers need every available resource to help fight the pandemic.”
The development brings concerns about vaccine nationalism to a whole new level at a time when countries are scrambling to secure supplies of future shots in advance. Health advocates have grown increasingly concerned poorer regions will get left behind as the U.S. and other nations move to lock up doses.
In the U.K., the University of Oxford, working with partner
Worries about the U.S. pushing its way to the front of the vaccine line arose in May when Sanofi Chief Executive Officer Paul Hudson said that its shots might be available there first because one of the country’s agencies helped fund development. Sanofi said later that its vaccine would be available to everyone.
(Updates with comment from Russian soverign wealth fund chief in eighth paragraph and White House comment in 15th paragraph. An earlier version of the story corrected the first name of the Crowdstrike president and his title.)
--With assistance from
To contact the reporters on this story:
To contact the editors responsible for this story:
© 2020 Bloomberg L.P. All rights reserved. Used with permission.