On Thursday, the U.K.'s National Cyber Security Centre shared an advisory message discussing the alleged activities of a group known by the names APT29, Cozy Bear, and the Dukes. In an accompanying statement, Paul Chichester—Director of Operations for the NCSC—called the reported actions "despicable" and advised that organizations around the world "familiarize themselves" with the rundown of related advice they published on how best to defend affected networks.
"Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector," Chichester said.
In their own statement, the team at the Cybersecurity and Infrastructure Security Agency in the U.S. characterized the alleged attacks as "malicious activity" meant to target vaccine development and related research in the U.S., the U.K., and Canada. This "malicious cyber actor," the agency said on Thursday, is employing "a variety of tools and techniques" as part of an effort to disrupt organizations involved with potential COVID-19 vaccines.
Both agencies—in partnership with the National Security Agency (NSA) and Canada's Communications Security Establishment—are behind the aforementioned Joint Cybersecurity Advisory guidelines.
A breakdown from CNBC highlights some of the alleged methods used by the group, including spear-phishing and custom-made malware aimed at researchers. The state-owned TASS news agency said Thursday that a Kremlin spokesperson had "rejected" the allegations brought by security officials, citing what they claim is a lack of evidence.