Warnings by officials in the U.S., U.K. and Canada that Russia's Cozy Bear, APT29, is actively trying to steal Covid-19 vaccine research by hacking vaccine trials and dropping WellMess and WellMail malware proves at least two things: Russia military intelligence is still going hard against U.S. targets, and the health care industry, particularly during the pandemic, represents an excruciatingly vulnerable soft underbelly for hackers.

"APT29's campaign of malicious activity is ongoing, predominantly against government, diplomatic, think tank, healthcare and energy targets to steal valuable intellectual property," the U.K.’s National Cyber Security Centre (NCSC) noted in an advisory.

Although the warning, backed by advisories from Canada and the U.S., explained that “throughout 2020, APT29 has targeted various organizations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines,” Russia’s underlying motives remain hazy. The most straightforward assessment would have the nation-state actors snagging research to beat competitors to the market with a vaccine of its own – striking a blow to the U.S., which has already invested billions in securing massive doses of vaccines before their efficacy and safety have been established in the hopes that widespread immunization will help stabilize the economy by putting an end to devastating lockdowns and restore normalcy.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.