And for the first time given that the dubious group’s existence became known, the allied companies said that APT29 is “almost certainly” running as part of Russian intelligence services. Neither the NCSC nor the United States National Security Agency clearly accused president Vladimir Putin of buying the group’s activities, it is thought that there is awareness of its operations at the highest levels of the Russian administration.
Download the new Independent Premium app
Sharing the complete story, not simply the headlines
It is believed that vaccine research centers at Oxford University and Imperial College London are amongst institutions targeted by the hackers, who are thought to run by making use of weak points in VPN and external mail services used by researchers.
The attacks form part of a pattern which has seen both state and criminal organisations shift cyber activity to target potentially valuable intellectual property connecting to vaccines and treatments for Covid-19 during the pandemic.
NCSC director of operations Paul Chichester said: “We condemn these despicable attacks against those doing essential work to fight the coronavirus pandemic.
” Working with our allies, the NCSC is committed to safeguarding our most crucial properties and our top concern at this time is to protect the health sector.
” We would urge organisations to familiarise themselves with the recommendations we have published to help safeguard their networks.”
Understood targets of APT29 consist of UK, US and Canadian vaccine research study and development organisations.
The group uses a range of tools and methods, including spear-phishing and customized malware known as “WellMess” and “WellMail”.
The project is not thought to be associated with a separate effort by unidentified “Russian actors” to interfere in December’s election by distributing information of the government’s trade talks with the US, exposed by foreign secretary Dominic Raab today.
Speaking after the NCSC announcement, Mr Raab required an end to cyber attacks by Russian intelligence services.
” It is completely undesirable that the Russian intelligence services are targeting those working to combat the coronavirus pandemic,” stated the foreign secretary.
” While others pursue their selfish interests with careless behaviour, the UK and its allies are getting on with the effort of discovering a vaccine and securing worldwide health.
” The UK will continue to counter those conducting such cyber attacks, and deal with our allies to hold criminals to account.”
It is unclear whether hackers have been successful in getting any scientific details from UK labs in the attacks, which are still thought to be continuous. The NCSC has not mentioned what level of success the group had actually accomplished, saying that its function is to increase awareness of the threat which it presents and the need to take protective measures.
But it is not believed that they have actually targeted the personal details of people operating in the organizations.