Russia ‘Cozy Bear’ Cyber Attacks COVID 19 research of US, UK, and Canada

All these days, we have seen media speculations on China that the said Asian country was allegedly launching cyberattacks on various research labs located across the world to steal data related to COVID 19 research and developments.


Early today, Britain’s GCHQ Cyber Arm NCSC has issued a press statement stating that ‘Cozy Bear’ aka Advanced Persistent Threats- APT29 was targeting medical organizations and Universities that were into the development of vaccine meant to curtail the spread of Corona Virus.


In a joint statement issued by the National Cyber Security Center, the US National Security Agency and the Canadian Communication Security Establishment, attacks were a part of a global digital campaign to siphon data related to sensitive details like Medical and Military related research, political campaigns and merger, and acquisition deals.


Factually speaking, UK happens to be the central hub for the development of Corona Vaccine as 13 teams of researchers comprising students and professors from Oxford University and Imperial College London are working on finding a sure-shot vaccine for Wuhan Virus developed in China in Nov’19.


Paul Chichester, the director of operations in the UK’s NCSC condemned such attacks from Russia and urged the hackers to save humanity from Corona Pandemic by keeping healthcare systems out of their attack radar.


Note- APT29 is known to use a variety of tools such as spear phishing and malware called “WellMail” and ‘WellMess’. Security analysts claim that the said hacking group funded by Russian Foreign Intelligence Service SVR and called with multiple names such as Office Monkeys, CozyCar, The Dukes, and Cozy Dukes. Now, they are again hitting the headlines when the US President Donald Trump is well-preparing to lead the United States for the second time after November 2020 US Polls/Elections. Remember, the same hacking group was behind the breach of the email server of the Democratic National Committee in Feb’16.


Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display