Skip to the content

Follow us @UKAuthority

NCSC highlights Russian cyber threat to coronavirus research

17/07/20

Mark Say Managing Editor

The National Cyber Security Council (NCSC) has published advice on detection and mitigation of cyber threats for organisations involved in developing potential vaccines for coronavirus.

Character in hoodie at computer

It has taken the step after announcing that Russian cyber actors within a threat group known as APT29 have been targeting the organisations.

NCSC said the group has an ongoing campaign of malicious activity to steal intellectual property, predominantly against government, diplomatic, thinktank, healthcare and energy organisations.

It has published an advisory notice, outlining tools and techniques used by APT29, including spear phishing and custom malware known as WellMess and WellMail.

An appendix provides rules and indicators of compromise to be used in defence against the group.

NCSC said the technical detail and mitigation advice has been endorsed by the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Despicable attacks

Its director of operations, Paul Chichester, said: “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic.

“Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector.

“We would urge organisations to familiarise themselves with the advice we have published to help defend their networks.”

Known targets of APT29 include UK, US and Canadian vaccine research and development organisations. The group uses a variety of tools and techniques, including spear phishing and custom malware known as WellMess and WellMail.

Cyber threats emerging from the coronavirus pandemic will provide a key element of UKAuthority’s next Cyber4Good conference, set to take place as a virtual event, with three 90-minute sessions on 9, 10 and 11 September. It will look at how organisations can defend the sensitive data that is playing a crucial part in coordinating the public sector response and research into the pandemic.

More details and registration for the event can be found here

 

Image from BMT

Register: Library & Alerts

Keep informed - Get the latest news about the use of technology, digital & data for the public good in your inbox from UKAuthority.