APT29 targets COVID-19 vaccine development [NCSC UK Report]

Amid a race against time for the creation of the coronavirus vaccine, Great Britain, Canada and the United States announced on Thursday that they have discovered attempts by Russia to get into computer systems and get their hands on their research in this regard.

This attack targeted three countries, namely Great Britain, Canada and the United States. “Throughout 2020, APT29 targeted various organizations involved in the development of the COVID-19 vaccine in Canada, the United States and the United Kingdom, most likely with the intention of stealing information and intellectual property related to development and testing,” London reports.

The report concludes that “In recent attacks targeting COVID-19 vaccine research and development, the group conducted basic vulnerability scanning against specific external IP addresses owned by the organisations. The group then deployed public exploits against the vulnerable services identified. The group has been successful using recently published exploits to gain initial footholds.”

Who is behind APT29?

The United States National Security Agency (NSA) said it approved the British communiqué. APT29 is considered a cyber intelligence unit of the GRU, the Russian General Staff intelligence agency. GRU uses this unit to destabilize its opponents, involving it both in wars, as was the case in Ukraine, and in elections, as was the case in the United States in 2016. ”

Throughout 2020, APT29 has targeted various organisations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines.

APT29 is using custom malware known as ‘WellMess’ and ‘WellMail’ to target a number of organisations globally. This includes those organisations involved with COVID-19 vaccine development. WellMess and WellMail have not previously been publicly associated to APT29.

It is completely unacceptable for Russian intelligence to target those working to combat the coronavirus pandemic,” British Foreign Minister Dominic Raab said.

“The UK will continue to counter those conducting such cyber attacks, and work with our allies to hold perpetrators to account,” Raab concluded.

The race for a COVID-19 Vaccine

The great powers are in a race against time to obtain the vaccine against the new coronavirus. Currently, more than 100 coronavirus vaccines are being developed across the world, with 19 candidates in human trials. However, only two experimental vaccines, one by China’s Sinopharm and another by Oxford/AstraZeneca, are in the final phase 3 trials.

US company Moderna announced encouraging results for its COVID-19 vaccine on Wednesday and said it would begin the final phase of clinical trials on July 27, which is expected to last for three months.  The announcement puts Moderna in the leading platoon in the global race to find a vaccine against COVID-19, international media report.

Hours after Moderna’s announcement, the Russian Defense Ministry issued a statement to brief the world on its progress, claiming that it had already completed the first human clinical trials of a vaccine against the new coronavirus and that they are due to be completed by the end of July.