Russian state intelligence is hacking international research centers that are racing to develop a COVID-19 vaccine, the U.K., U.S. and Canadian governments said.
It is unclear whether research facilities have been damaged or if the vaccine programs have been set back as a result of the hacks, but officials warned that the cyberattacks are ongoing.
In a dramatic statement on Thursday, Britain’s National Cyber Security Centre (NCSC) said vaccine and therapeutic sectors in multiple countries have been targeted by a group known as APT29, which it said is “almost certainly” part of Russian state intelligence. Security agencies in the U.S. and Canada later issued their own statements backing up the findings.
“It is completely unacceptable that the Russian intelligence services are targeting those working to combat the coronavirus pandemic,” British Foreign Secretary Dominic Raab said. “While others pursue their selfish interests with reckless behavior, the U.K. and its allies are getting on with the hard work of finding a vaccine and protecting global health.”
The intelligence bombshell came at a delicate time in geopolitics with a combative U.S. election looming in November and the pandemic plunging the world economy into recession. Coronavirus has launched a global race for a vaccine, in which researchers in the U.K. have made progress recently.
Back in Moscow, President Vladimir Putin’s popularity is at a record low and the Russian leader has taken steps to ensure he can remain in power until 2036. Russia has repeatedly dismissed claims it meddles in elections despite repeated allegations of interference.
Russia denied any involvement in hacking coronavirus vaccine research. “We don’t know who may have hacked pharmaceutical companies and research centers. We can only say Russia has nothing to do with these attempts,” Kremlin spokesman Dmitry Peskov told Bloomberg.
Kirill Dmitriev, chief executive officer of Russia’s sovereign wealth fund, which is supporting vaccine research, called the accusations “an attempt to tarnish the reputation” of Russia’s vaccine efforts.
Yet the NCSC said APT29, which also goes by the name of Cozy Bear or The Dukes, has targeted U.K., U.S. and Canadian vaccine research and development organizations. The campaign of malicious activity is ongoing, predominantly against government, diplomatic, think-tank, health care and energy targets to steal valuable intellectual property, it said.
Researchers have long linked APT29 to Russian intelligence agencies. For more than a decade, the group has carried out hacking campaigns that have targeted dozens of governments, research institutes, and corporations around the world, according to an analysis published in March by cybersecurity firm Carbon Black.
In 2016, U.S. cybersecurity firm Crowdstrike linked APT29 to hack of the Democratic National Committee. The Russian hackers penetrated the DNC’s servers in the summer of 2015, and maintained access to the organization’s data for about a year, according to Crowdstrike researchers.
On Thursday, Britain’s findings were supported by its Canadian and U.S. partners, including the National Security Agency.
The NSA said organizations in the U.S. involved in vaccine development were also targeted by the hackers. The objective of the hacking was “likely to steal information and intellectual property relating to the development and testing of COVID-19 vaccines,” according to the NSA statement.
The announcement has political implications because President Donald Trump has been criticized for seeking to downplay controversy with the Russian government. It also comes as Trump is under criticism for failing to respond to a warning from U.S. intelligence that the Russian government may have offered to pay the Taliban to kill U.S. soldiers in Afghanistan.
The White House reaction to the news was muted on Thursday, with spokeswoman Kayleigh McEnany saying, “We worked very closely with our allies to ensure that we would take measures to keep that information safe, and we continue to do so and we’re aware of those activities.”
U.S. officials have said China is also working to steal U.S. vaccine research. Attorney General William Barr said in a speech Thursday that hackers linked to China have targeted American universities and companies in a bid to steal intellectual property tied to coronavirus treatments.
The Canadian government also released a statement, confirming Ottawa is working with Westminster and Washington to stop the “malicious cyber activities.” It said the hacks “serve to hinder response efforts at a time when health care experts and medical researchers need every available resource to help fight the pandemic.”
The development brings concerns about vaccine nationalism to a whole new level at a time when countries are scrambling to secure supplies of future shots in advance. Health advocates have grown increasingly concerned poorer regions will get left behind as the U.S. and other nations move to lock up doses.
In the U.K., the University of Oxford, working with partner AstraZeneca Plc, and Imperial College London have experimental coronavirus vaccines in human testing. Across the world, about 160 coronavirus vaccines are in various stages of development, according to the World Health Organization.
Worries about the U.S. pushing its way to the front of the vaccine line arose in May when Sanofi Chief Executive Officer Paul Hudson said that its shots might be available there first because one of the country’s agencies helped fund development. Sanofi said later that its vaccine would be available to everyone.