New Delhi: The US, UK, and Canadian governments have informed on Thursday that a Russian hacker group who may be working for the Russian intelligence is targeting organisations that are involved in developing COvid 19 vaccine. The National Cyber Security Centre (NCSC), UK gave information about the group in an advisory that said that a group known as APT29 is involved. This has been supported by Canadian Communication Security Establishment (CSE), the US Department for Homeland Security (DHS), the Cybersecurity Infrastructure Security Agency (CISA), and the National Security Agency (NSA).


ALSO READ| UN Designates Pakistan Taliban Leader Noor Wali Mehsud As Global Terrorist

“We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic. Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector. We would urge organisations to familiarise themselves with the advice we have published to help defend their networks,” said Paul Chichester, NCSC Director of Operations in a statement.

The UK Foreign Secretary, Dominic Raab has also condemned the attempted attacks and issued a statement saying, "It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic," the UK Foreign Secretary, Dominic Raab, said in a statement. While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health.”

APT29 or Cozy Bear

According to the NCSC, the APT29 is also known as ‘the Dukes’ or ‘Cozy Bear’. The hacker group uses different techniques such as spear-phishing in which emails are sent from a trusted source so that people reveal their personal information easily. The group also uses custom malware known as "WellMess" and "WellMail".

In a statement, the NCSC has said that ‘APT29’s campaign of malicious activity is ongoing, predominantly against government, diplomatic, think-tank, healthcare and energy targets to steal valuable intellectual property.’

The group has been accused of many high profile phishing attempts such as the attack on the Pentagon email system in 2015, the US Democratic National Committee cyber attacks in 2016 and attempts to hack Dutch ministry in 2017.