LONDON – Pharmaceutical companies and academic researchers working on COVID-19 vaccines are being targeted by Russian state-sponsored hackers, according to the U.K. National Cyber Security Centre (NCSC).

The U.K. view is endorsed by the U.S. National Security Agency and Canada’s Communications Security Establishment, and the three agencies have issued a joint statement advising companies how to protect against these attacks.

U.K. Foreign Secretary Dominic Raab said it is “completely unacceptable” that Russian intelligence services are targeting people working to combat the coronavirus pandemic. “The U.K. will continue to counter those conducting such cyberattacks and work with our allies to hold perpetrators to account,” Raab said.

The group of hackers, called APT29 and also known as the Dukes or Cozy Bear, “are almost certainly part of Russian Intelligence services,” the joint assessment says.

The group has targeted organizations involved in COVID-19 vaccine development in Canada, the U.S. and the U.K. throughout 2020, “highly likely with the intention of stealing information and intellectual property,” according to the assessment.

NCSC said it is 95% certain APT29 is sponsored by the Russian government, and that it is 80% to 90% certain this activity aims to collect information on vaccines research or research on the COVID-19 virus itself.

APT29 conducts widespread scanning, looking for vulnerable systems from which passwords and other authentication credentials can be stolen, in order to gain broader access. There is direct evidence of scanning against IP addresses owned by organizations involved in vaccines research, according to the joint assessment. After stealing authentication data, APT29 uses the information to obtain legitimate credentials, maintaining access inside corporate firewalls.

Paul Chichester, director of operations at NCSC, urged organizations to follow advice on how to protect their networks. “The NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector,” Chichester said.

NCSC previously issued a warning that cyber attackers are exploiting vulnerabilities which have opened up as a result of the surge in home working during lockdown. That has led to an increasing use of potentially vulnerable communications services, and NCSC said it was investigating a number of attacks on pharmaceutical companies, medical research organizations and universities.

According to NCSC, the global reach and international supply chains of pharmaceutical companies has increased the risk of exposure during the pandemic. Many elements of supply chains have been affected by the shift to remote working, creating new vulnerabilities hackers are exploiting to get access to better protected centralized systems.

One of the main techniques used is “password spraying,” a brute force attack of trying a single commonly used password against many accounts. These attacks are successful because for any given large set of users there will likely be some common passwords. In an earlier count, NCSC found the password 123456 had been used 23 million times on accounts that had been hacked.

Once password spraying has hacked an individual email account, it can be used to gain access to global email address lists.

New call for human challenge tests

The allegations of Russian hacking came as more than 100 leading medical researchers, ethicists and Nobel prize winning scientists wrote an open letter to head of the U.S. NIH Francis Collins, calling for the use of human challenge trials to accelerate development of COVID-19 vaccines.

The letter was issued via the One Day Sooner campaign, set up to promote challenge studies, which has signed up 31,254 volunteers in 140 countries who say they would be willing to take part in such trials.

The signatories are calling for immediate preparations to be made for challenge trials, including producing a non-attenuated SARS-CoV-2 virus to good manufacturing practice standards, and the setting up of bio-secure facilities where it can be administered.

The One Day Sooner letter adds to the head of steam behind human challenge trials, which has been building since early in May, when the World Health Organization said those studies would be ethical, and set out the criteria for how they should be run.

The EMA, too, has said challenge trials would be useful in various parts of the vaccine development process, in particular in gauging correlates of protection and providing useful information to speed regulatory decisions.

Collins is known to favor challenge trials, having expressed support in a joint opinion piece co-authored with Anthony Fauci, director of the National Institute of Allergy and Infections, published in Science on May 11. “Such experiments, if designed to define potential immune correlates or winnow out less effective vaccine approaches, may have utility,” they said.

There has been much water under many bridges for Fauci since then, who has faced widespread criticism from U.S. President Donald Trump and members of his administration.

After particularly sustained attacks over the past week, on July 16, the Biotechnology Innovation Organization (BIO) spoke out in defense of Fauci’s credibility and character, saying he does not deserve those denunciations, which in the long run will only undermine the response to the pandemic.

Michelle McMurry-Heath, BIO president and CEO, said, “Nothing is more disheartening or disturbing than to see Dr. Anthony Fauci, a critical leader at a pivotal moment, maligned publicly and attacked personally.”

The attacks on Fauci are “discouraging and distracting” thousands of scientists in BIO member companies who have been working around the clock on COVID-19 research, said McMurry-Heath. At the same time, the attacks erode public trust in the vaccines and therapies that are being developed.

Fauci is a decent man, a brilliant scientist, and dedicated public servant, who has committed his life to advancing the power of science and promoting public health for over 30 years, McMurry-Heath said. “We need his first hand historical and scientific knowledge now more than ever.”

No Comments