U.S. and U.K. government officials said a prominent state-backed Russian hacking group is responsible for ongoing cyber espionage against organizations involved in the development of coronavirus vaccines and other healthcare-related work, showing escalating security risks at a crucial time in the global response to the pandemic.
The National Cyber Security Centre, part of the U.K.’s GCHQ electronic-intelligence agency, and backed by U.S. and Canadian security officials, said Thursday they jointly assessed the source of the persistent hacking activity in several countries. The targets, officials said, include governments, think tanks, universities, private companies and other organizations working on vaccine research and testing globally.
They identified the hacking group as Russia-supported APT29, which is also known as Cozy Bear.
APT29 has reportedly been involved in past hacking of US and other think tanks, and apparently targeted US think tanks in a post-election hacking campaign in 2016.