Email this Article Email   

CHIPS Articles: NSA Teams with NCSC, CSE, DHS CISA to Expose Russian Intelligence Services Targeting COVID-19 Researchers

NSA Teams with NCSC, CSE, DHS CISA to Expose Russian Intelligence Services Targeting COVID-19 Researchers
By NSA News - July 21, 2020
FT. MEADE, Md. — In response to Russian Intelligence Services targeting COVID-19 research and vaccine development in the United States, United Kingdom and Canada, the National Security Agency, National Cyber Security Center, Communications Security Establishment and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency released a joint cybersecurity advisory to expose the malicious activity by the group publicly known as “APT29,” “CozyBear” or “The Dukes.” APT29 uses a variety of tools and techniques to predominantly target governmental, diplomatic, think-tank, healthcare and energy targets for intelligence gain.

The advisory details how the Russian Intelligence Service group targeted organizations involved in COVID-19 vaccine development in the United States, Canada and the United Kingdom, likely to steal information and intellectual property relating to the development and testing of COVID-19 vaccines. The report shares APT29’s tactics, techniques and procedures (TTPs) with network defenders as well as indicators of compromise (IOCs). The advisory also highlights malware commonly used by APT29 that has not previously been linked to the group.

System owners and administrators are encouraged to follow the mitigation steps in the advisory to reduce risk of being compromised by this actor.

APT29 Targets Covid-19 Vaccine Development. NSA image
Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer