Russia is facing renewed scrutiny for its cyber espionage efforts after the U.S., Great Britain and Canada alleged Thursday that a Kremlin-linked hacking group is attempting to steal research related to coronavirus vaccine developments and testing.
The hacking group known as APT29 or “Cozy Bear,” is largely believed to operate as part of Russia's security services, and the three countries allege that it is carrying out a persistent and ongoing cyber campaign to steal intellectual property about a possible COVID-19 vaccine.
According to cybersecurity group CrowdStrike, the group was also one of two Russian cells that hacked into Democratic National Committee networks between 2015 and 2016 in the lead up to the presidential election.
ADVERTISEMENT
The United Kingdom’s National Cyber Security Centre (NCSC) first revealed the findings in a report posted online Thursday that warned APT29 has targeted research and development organizations in the U.K., U.S. and Canada using a variety of tools, including spear-phishing techniques and custom malware to help in their hacking attempts.
Top intelligence lawmakers including Sen. Mark Warner
Mark Robert WarnerLawmakers zero in on Twitter following massive hack 'Made in America' won't be as simple as it sounds US praises British ban on China's Huawei after pressure campaign MORE (D-Va.), the vice chairman of the Senate Intelligence Committee, are calling for more powerful responses to Russian’s virtual aggressions.
“It should be clear by now that Russia’s hacking efforts didn’t stop after the 2016 election,” Warner said in a statement to The Hill. “Moving forward, the United States and the western world need to be prepared for increasingly aggressive cyber-attacks from Russian actors.”
House Intelligence Chairman Adam Schiff
Adam Bennett SchiffStone rails against US justice system in first TV interview since Trump commuted his sentence Overnight Defense: US formally rejects Beijing's South China Sea claims | House set to consider defense policy bill next week | 57 injured as firefighters battle warship blaze Sunday shows - Spotlight shifts to reopening schools MORE (D-Calif.) linked the hacking efforts to a sign of desperation by Russian President Vladimir Putin
Vladimir Vladimirovich PutinThe Hill's Morning Report - Presented by Argentum - Mask mandates, restrictions issued as COVID-19 spreads Lincoln Project reports raising .8 million for anti-Trump efforts America cannot stand by while Russia plays games in Libya MORE.
“With an economy one-tenth the size of ours and a scientific research and development capacity that has withered in the decades since the fall of the Soviet Union, it is not surprising that Vladimir Putin reportedly would resort to theft as a way of trying to secure every possible advantage as Russia and other countries vie with the United States and others in the search for a vaccine,” Schiff said in a statement.
Still, some security experts say Russia is hardly alone in such efforts.
ADVERTISEMENT
“COVID-19 is an existential threat to every government in the world, so it’s no surprise that cyber espionage capabilities are being used to gather intelligence on a cure,” said John Hultquist, senior director of analysis at FireEye’s Mandiant Threat Intelligence group.
“The organizations developing vaccines and treatments for the virus are being heavily targeted by Russian, Iranian, and Chinese actors seeking a leg up on their own research,” Hultquist continued.
Theresa Payton, who served as White House chief information officer during the George W. Bush administration, told The Hill that she was not surprised by the news of Russian targeting, noting that any nation state with sufficient cybersecurity capability would likely do the same.
“I wish I could say I was surprised, but I’m not,” Payton, who currently serves as CEO of cybersecurity consultancy group Fortalice Solutions, said. “I don’t believe that Russia will be the only one to conduct those campaigns.”
APT29 is considered a savvy, active, and persistent hacking group that is known for its espionage efforts and top intelligence officials are warning to take the threat seriously.
“APT29 has a long history of targeting governmental, diplomatic, think-tank, healthcare and energy organizations for intelligence gain so we encourage everyone to take this threat seriously and apply the mitigations issued in the advisory,” NSA Cybersecurity Director Anne Neuberger warned in a statement.
NCSC warned that governments, the diplomatic corps, the healthcare industry, energy sector, and think tanks and other research organizations are among the targets.
And while security experts generally advise against assuming motivations for hackers’ spear-phishing expeditions, to these experts and lawmakers their motivation rang clear: a vaccination for the coronavirus pandemic is among one of the most highly sought developments worldwide as countries continue to grapple with millions of cases of COVID19 and stalled economies.
“APT29 is likely to continue to target organizations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic,” concludes the NCSC report, saying it is “highly likely” the group intends to steal information COVID-19 vaccines.
The joint alert on Thursday was not the first effort by top security agencies to sound the alarm on foreign espionage threats against COVID-19 vaccine development efforts.
The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned in May that Chinese government-backed hackers were targeting groups involved in COVID-19 treatment research.
“These actors have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research,” the agencies warned in the alert. “The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options.”
The warning came on the heels of a separate alert from CISA and the NCSC that advanced persistent threat (APT) groups were using the COVID-19 pandemic to target organizations seen as vulnerable, including hospitals, medical research groups, academia, and local governments.
Following these alerts, CISA Director Chris Krebs warned that he expected to see “every intelligence service” attempt to target and steal coronavirus-related research.
“The Chinese have obviously been one of the more brazen in terms of their approach, but others are in the game, too,” Krebs said on the CBS News “Intelligence Matters” podcast. “This is a very active space.”
Concerns around Russian hacking efforts are particularly pressing with only months to go until the next presidential election.
And Russian efforts to sow discord during the 2016 election are still fresh in many minds within the beltway.
During the heated 2016 presidential race, Russian actors launched a sweeping interference campaign that aimed to flame divisiveness and sway the election towards now-President Trump
Donald John TrumpAmash confirms he won't seek reelection Chicago mayor to White House press secretary: 'Hey, Karen. Watch your mouth' Pentagon mulling plan to ban Confederate flag without mentioning it by name: report MORE.
ADVERTISEMENT
They used a multi-pronged approach, including targeting election infrastructure in all 50 states, pushing out misinformation on social media, and hacking the Democratic National Committee (DNC) as well as other campaign-related email accounts.
Experts also observed APT29 carrying out a widespread phishing campaign after the 2018 midterm elections after the House flipped to a Democrat majority, in which the U.S. federal government, media outlets and think tanks were targeted.
Secretary of State Mike Pompeo
Michael (Mike) Richard PompeoPompeo attacks media, monument protests in speech on human rights The Hill's Morning Report - Presented by Argentum - Mask mandates, restrictions issued as COVID-19 spreads Hillicon Valley: Twitter accounts of Obama, Biden, Musk, others compromised | U.S. announces sanctions on Huawei, citing human rights abuses | Pompeo 'confident' foreign adversaries will interfere in elections MORE this week noted that he was “confident” foreign adversaries, including Russia, would attempt to interfere in elections this year, while also emphasizing that the Trump administration was aware of the threat.
“The American people should rest assured that whether it’s Chinese interference, Iranian interference, Russian interference, or North Korean interference, any country, or even non-state actors who now have capabilities to try to meddle in our elections, know that this administration takes seriously its responsibility to make sure every American’s vote is counted, counted properly, and that foreign influence is minimized,” Pompeo said during a virtual event hosted by The Hill.
World - Latest - Google News
July 17, 2020 at 04:31PM
https://ift.tt/30dCswA
Russian hackers return to spotlight with vaccine research attack | TheHill - The Hill
World - Latest - Google News
https://ift.tt/2SeTG7d
Bagikan Berita Ini
0 Response to "Russian hackers return to spotlight with vaccine research attack | TheHill - The Hill"
Post a Comment