Site navigation

Russian Hackers Exposed Trying to Steal Covid-19 Vaccine Research

Ross Kelly



British, American and Canadian intelligence services believe the hacker group is backed by the Russian state.

State-sponsored Russian hackers are targeting organisations involved in Covid-19 vaccine research, according to the National Cyber Security Centre (NCSC).

The cybersecurity centre today published a statement revealing the activities of the hacker group known as ‘APT29’.

Known targets of the hacker group – which is also named ‘Cozy Bear’ or ‘the Dukes’ – include British, American and Canadian vaccine research and development organisations.

Both the NCSC and Canada’s Communications Security Establishment (CSE) said it is “almost certain” that the group operates as part of the Russian intelligence services.

In a statement, the NCSC said: “Throughout 2020, APT29 has targeted various organisations involved in Covid-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of Covid-19 vaccines.”

APT29 is also believed to be targeting government and healthcare services, as well as energy assets. The group uses a range of sophisticated tools and techniques, including spear-phishing and custom malware known as “WellMess” and “WellMail”.

Paul Chichester, director of operations at the NCSC, commented: “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic.

“Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector.”

The NCSC has previously warned that state sponsored hacker groups could target organisations involved in both national and international Covid-19 responses.


Foreign secretary Dominic Raab condemned the cyber attacks and called for an immediate halt to the hacker group’s operations.

He said: “It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic.

“While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health.”

Raab added: The UK will continue to counter those conducting such cyber attacks, and work with our allies to hold perpetrators to account.”

Ross Kelly

Staff Writer

Latest News

Digital Social Media
Editor's Picks Security
%d bloggers like this: