Britain, USA and Canada synchronous stated attack on a Russian group of hackers, likely related to the Kremlin, the medical laboratories of Western countries and trying to steal a vaccine from COVID-19 – diseases caused by coronavirus. About it writes BBC.
Three intelligence agencies — the national security Agency U.S. (NSA), the British national cyber security centre and the canadian Agency communications security — published on Thursday, 16 July, official statements that the blame for hacking attacks laid on the grouping of Cozy Bear, also known as APT29 and Dukes.
The Minister of foreign Affairs of Britain Dominic Raab condemned what he called “reckless actions of the Russian intelligence”: “We have exposed today, their cyber attacks against those who develop a vaccine against COVID-19 that they undermine the vital cooperation of the entire world in the fight against the pandemic,” he said.
NSA believes that Russian hackers collected data on the development of vaccines. What kind of scientific institution were attacked, not specified.
The Kremlin has said that Russia has nothing to do with hacking attacks. “We will not tolerate such accusations, even as another unsubstantiated accusations of meddling in elections-2019”, — quotes the press Secretary of the Russian President, Dmitry Peskov RIA Novosti.
British national cybersecurity center (NCSC) stated that discovering the attack, immediately shared the information with American and canadian colleagues. Did the attackers steal the data not reported, but the British authorities stressed that work on a vaccine was not disrupted and continues.
British secret service distributed recommendations with a description of how the hackers operate and how to protect against them.
Paul Sutton, head of operations NCSC, in his statement, called the cyber attack in the midst of the global epidemics of new infections “vile”.
Traces of the “Cozy bear”
American, British and canadian cyberathletic indicate that this group was distributing viruses and WellMess WellMail.
In 2018, the American company CrowdStrike found traces of a Cozy Bear in cracking the networks of the headquarters of the Democratic party of the United States.
While cybersecurity experts believed that Cozy Bear often “compete” with another Russian hacker group — Fancy Bear, she APT28, and saw this as a sign of rivalry between the Federal security service and Main Directorate of the General staff of the Russian Federation (former GRU), whose areas of responsibility are in terms of cyber warfare intersect.
“Cozy bear” supposedly refers to the FSB, and “bizarre” — to GRU.
In addition to CrowdStrike, the links of the Fancy Bear and Cozy Bear with the Russian special services reported by the companies engaged in cyber security Fidelis Cybersecurity, SecureWorks, ThreatConnect, and others.
Russian authorities have repeatedly denied connection with hacker groups. “We do not have information, who could crack the pharmaceutical companies and research centres in the UK. I can say one thing — Russia has no part in these attempts is irrelevant”, — so reacted to another batch of charges, the press Secretary of Vladimir Putin Dmitry Peskov.