Russian hackers seem to be interested in Canadian research on COVID-19

Photo by Chokniti Khongchum from Pexels

By Prajwal Malladi, CRRI Intern

Security agencies in Canada, the UK and the USA have alleged that Russia tried to steal information pertaining to vaccine research under way in those countries.

These nations identified the intelligence and security threat as stemming from “Russian cyber threat activity” directed at universities and research institutes involved in the development of vaccines for coronavirus.

“These malicious cyber activities were very likely undertaken to steal information and intellectual property relating to the development and testing of COVID-19 vaccines, and serve to hinder response efforts at a time when healthcare experts and medical researchers need every available resource to help fight the pandemic,” said the Canadian Communications Security Establishment in a statement.

On July 16, 2020, the UK National Cyber Security Centre, Canada’s Communications Security Establishment, the US National Security Agency and the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency released a comprehensive report on the cyberattacks undertaken by the Russians. According to this document, Russian hackers used “WellMess” and “WellMail” malware to target global organizations.

“This broad targeting potentially gives the group access to a large number of systems globally, many of which are unlikely to be of immediate intelligence value. The group may maintain a store of stolen credentials in order to access these systems in the event that they become more relevant to their requirements in the future,” reads the advisory.

As soon as news broke in North America of malicious activity targeting vaccine research and of reports that Russians had orchestrated these attacks, the spokesperson for Vladimir Putin vociferously denied the allegations, calling them baseless and accusing the American and Canadian governments of peddling hogwash. The Russian Ambassador to the UK also denied allegations that Moscow was trying to steal research on a coronavirus vaccine.

“I don’t believe in this story at all, there is no sense to it,” Andrei Kelin said in a BBC interview aired on July 19.

Canada’s Public Safety Minister Bill Blair hinted that while Russia had been named in this instance, there were other adversaries who had their sights on vaccine research going on in Canada. The Canadian Defence Minister Harjit Sajjan praised the agencies for calling out the “bad behaviour” and deterring other malicious foreign actors from targeting Canadian intelligence.

It remains unclear whether these attacks have hindered vaccine research in any manner. “On any given day, Communications Security Establishment’s dynamic defence capabilities block up to two billion reconnaissance scans on these systems,” said Evan Koronewski, a spokesperson for the Communications Security Establishment, in a statement to CTV News, referring to the Government of Canada’s systems.

Moreover, the Canadian Security Intelligence Service and the Communications Security Establishment warned about potential cyberattacks back in May, stating that the ongoing situation presented an elevated security risk to Canadian health organizations and personnel involved in the national response to the COVID-19 pandemic. The agencies gave assurances that they had already seen the burgeoning risk of foreign interference and espionage with respect to Canadian research and the intellectual property of Canadian companies. They did not specify who those foreign actors might be or name specific operations, but they were certain that foreign interference had increased during the pandemic. Both agencies said they were working relentlessly to mitigate threats and were reaching out to organizations with advice on how to deal with such attacks and on preventive measures that can be taken, such as close monitoring of network logs and securing critical servers.
