Russia is working diligently to find a vaccine for COVID-19 using its own specialty — hacking. U.K. security officials said today that they identified a hacking group, dubbed APT29, that's "almost certainly" working with Russian intelligence services to target healthcare companies and steal their vaccine research. APT29 was previously accused of hacking the Democratic National Committee in 2016, leaking the private emails of Hillary Clinton to WikiLeaks.
U.K. officials say that their assessment has been corroborated by the U.S. and Canada. The country will "counter those conducting such cyber attacks," without specifying what that means.
"We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic," said Paul Chichester, director of operations at the National Cyber Security Centre. The organization says APT29 is taking advantage of common hacking techniques like spear-phishing to target researchers with deceptive emails and install malware known as "WellMail" or "WellMess" on their computers. Organizations that might be targeted are urged to check their security measures.
The U.K. today also said that it has "reasonable confidence" Russia tried to interfere in the country's 2019 elections by stealing confidential documents and providing them to the Labour Party. It was the first time U.K. officials have acknowledged Russian interference in its own elections.
The official line in Russia is that the coronavirus pandemic has been handled fine there, and that it's now safe to return to public gatherings. Many believe it suppressed accurate reporting of infection numbers while President Vladimir Putin worked to pass a resolution giving him the ability to hold office until 2036.
Russian infowarfare — Since the fall of the Soviet Union left it weak, Russia has relied on hacking as its preferred form of warfare. It makes sense considering the country places a much greater emphasis on IT training in middle school and high school than does the United States. Less savvy Americans are basically open season for easy tricks. Russia pleads ignorance by saying any hackers aren't officially associated with the government but are instead rogue actors. It conveniently doesn't have an extradition treaty with the U.S. so frequent indictments of Russian hackers are symbolic more than anything.
The IT security problem in the U.S. is set to get worse now that the Trump administration has paused issuance of H1B visas for skilled workers.
Security experts have in the past found breadcrumbs leading hacks back to Russia. For example, hackers have sometimes left Cyrillic characters buried in their code, and worked during Russian government business hours but not during Russian holidays. Intelligence officials in the U.S. are often cautious about publicly revealing their own methods for tying hacks back to Russia, however.