WASHINGTON: Western governments on Thursday accused hackers believed to be part of Russian intelligence of trying to steal valuable private information about a coronavirus vaccine, calling out the Kremlin in an unusually detailed public warning to scientists and medical companies.
The alleged culprit is a familiar foe. Intelligence agencies in the United States, United Kingdom and Canada say the hacking group APT29, also known as Cozy Bear, is attacking academic and pharmaceutical research institutions involved in COVID-19 vaccine development. The same group was implicated in the hacking of Democratic email accounts during the 2016 US presidential election.
It was unclear whether any useful information was stolen. But British Foreign Secretary Dominic Raab said, “It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic.”
He accused Moscow of pursuing “selfish interests with reckless behavior.”
Sticking to more general language, White House press secretary Kayleigh McEnany said, “We worked very closely with our allies to ensure that we would take measures to keep that information safe and we continue do so so.”
The allegation that hackers linked to a foreign government are attempting to siphon secret research during the pandemic is not entirely new. US officials as recently as Thursday have accused China of similar conduct. But the latest warning was startling for the detail it provided, attributing the targeting by name to a particular hacking group and specifying the software vulnerabilities the hackers have been exploiting.
Also, Russian cyberattacks strike a particular nerve in the US given the Kremlin’s sophisticated campaign to influence the 2016 presidential election. And the coordination of the new warning across continents seemed designed to add heft and gravity to the announcement and to prompt the Western targets of the hackers to protect themselves.
“I think (the governments) have very specific intelligence that they can provide,” said John Hultquist, senior director of analysis at Mandiant Threat Intelligence. “The report is full of specific operational information that defenders can use” to protect their networks.
Russian President Vladimir Putin’s spokesman, Dmitry Peskov, rejected the accusations, saying, “We don’t have information about who may have hacked pharmaceutical companies and research centers in Britain.”
“We may say one thing: Russia has nothing to do with those attempts,” Peskov said, according to the state news agency Tass.
The accusations come at a tenuous time for relations between Russia and both the US and UK
Besides political ill will, especially among Democrats, about the 2016 election interference, the Trump administration is under pressure to confront Russia over intelligence information that Moscow offered bounties to Taliban fighters to attack allied fighters.
The Democratic chairman of the House Intelligence Committee, Adam Schiff, said “it’s clear that Russia’s malign cyber operations and other destabilizing activities — from financial and other material support to non-state actors in Afghanistan to poisoning dissidents in democratic countries — have persisted, even when exposed.” He urged President Donald Trump to condemn such activities.
The vaccine assessment came two years to the day after Trump met with Putin in Helsinki and appeared to side with Moscow over US intelligence agencies about the election interference. The UK did not say whether Putin knew about the more recent research hacking, but British officials believe such intelligence would be highly prized.
Relations between Russia and the UK, meanwhile, have plummeted since former spy Sergei Skripal and his daughter were poisoned with a Soviet-made nerve agent in the English city of Salisbury in 2018, though they later recovered. Britain blamed Moscow for the attack, which triggered a round of retaliatory diplomatic expulsions between Russia and Western countries.
More broadly, Thursday’s announcement speaks to the cybersecurity vulnerability created by the pandemic and the global race for a vaccine.
The US Department of Homeland Security’s cybersecurity agency warned in April that cybercriminals and other groups were targeting COVID-19 research, noting at the time that the increase in people teleworking because of the pandemic had created potential avenues for hackers to exploit.
Profit-motivated criminals have exploited the situation, and so have foreign governments “who also have their own urgent demands for information about the pandemic and about things like vaccine research,” Tonya Ugoretz, a deputy assistant director in the FBI’s cyber division, said at a cybersecurity conference last month.
“Some of them are using their cyber capabilities to, for example, attempt to break into the networks of those who are conducting this research as well as into nongovernmental organizations to satisfy their own information needs,” Ugoretz said.
The alert did not name the targeted organizations themselves or say how many were affected. But it did say the organizations were in the US, UK and Canada, and said the goal was to steal information and intellectual property related to vaccine development.
Britain’s NCSC said its assessment was shared by the National Security Agency, the Cybersecurity and Infrastructure Security Agency and by the Canadian Communication Security Establishment.
A 16-page advisory prepared by Western agencies and made public Thursday accuses Cozy Bear of using custom malicious software to target a number of organizations globally. The malware, called WellMess and WellMail, has not previously been associated with the group, the advisory said.
“In recent attacks targeting COVID-19 vaccine research and development, the group conducted basic vulnerability scanning against specific external IP addresses owned by the organizations. The group then deployed public exploits against the vulnerable services identified,” the advisory said.
Cozy Bear is one of two hacking groups suspected of separate break-ins of computer networks of the Democratic National Committee before the 2016 US election. Stolen emails were then published by WikiLeaks in what US intelligence authorities say was an effort to aid Trump’s campaign over Democratic rival Hillary Clinton.
A report on Russian election interference by former special counsel Robert Mueller called out another group, Fancy Bear, in the hack-and-leak operation. Cozy Bear, though, operates “quietly gaining access and gathering intelligence,” said Hultquist of the Mandiant cybersecurity firm.
Their goal, he said, is “good old-fashioned espionage.”
Separately, Thursday, Britain accused “Russian actors” of trying to interfere in December’s UK national election by circulating leaked or stolen documents online. Unlike in the vaccine report, the UK did not allege that the Russian government was involved in the political meddling.
Russia is hacking virus vaccine trials, US, UK, Canada say
https://arab.news/8mcav
Russia is hacking virus vaccine trials, US, UK, Canada say
- The alleged culprit is known as APT29, the same group was implicated in the hacking of Democratic email accounts during the 2016 US presidential election
Singapore says 3 men detained since October for seeking to join Mideast conflict
The Home Affairs Ministry said in a statement the three Singaporean men were not linked to one other and had been “radicalized” online, but there was no indication others had been recruited.
It was not immediately clear why the ministry announced the detention on Thursday.
Following their arrest in October, they were detained under Singapore’s Internal Security Act, which allows suspects to be held for lengthy periods without trial.
The three were a director of a digital marketing company, a lift mechanic, and a security guard, aged 41, 21, and 44, respectively.
One of the men had visited a shooting range in Thailand to learn to operate firearms, while two planned to visit shooting ranges in Indonesia, it said.
The ministry said restrictions were placed on two other Singaporeans in June and July last year under the security law, related to the conflict in Gaza.
More than 46,000 people have been killed in the Gaza war, according to Palestinian health officials.
Much of the enclave has been laid waste, and most of the territory’s 2.1 million people have been displaced multiple times and face acute shortages of food and medicine, humanitarian
agencies say.
Zelensky meets Meloni for talks in Rome
- Meloni “reiterated the all-round support that Italy ensures and will continue to provide to the legitimate defense of Ukraine... ,” her office said
- She also “expressed solidarity for the victims of the recent Russian bombings“
ROME: Ukrainian President Volodymyr Zelensky held talks in Rome Thursday with Italian Prime Minister Giorgia Meloni, after meeting other allies in Germany.
Meloni “reiterated the all-round support that Italy ensures and will continue to provide to the legitimate defense of Ukraine... to put Kyiv in the best possible condition to build a just and lasting peace,” her office said.
She also “expressed solidarity for the victims of the recent Russian bombings,” it said in a statement, as the grinding war nears the three-year mark.
Zelensky had earlier Thursday joined a meeting of about 50 allies at the US air base Ramstein in Germany — the last such gathering before Trump takes office on January 20.
The US president-elect has criticized the large amount of US aid for Kyiv and vowed to bring the war to a swift end, without making any concrete proposals for a ceasefire or peace agreement.
In Germany, Zelensky said Trump’s return to the White House would open a “new chapter” and reiterated a call for Western allies to send troops to help “force Russia to peace.”
In a post on X, Zelensky thanked Italy for its “unwavering support,” saying: “Together, we can bring a just peace closer and strengthen our collective positions.”
He and Meloni discussed “strengthening security, addressing global developments, and preparing for this year’s Ukraine Recovery Conference to be held in Rome,” he said.
Meloni, who has led NATO and EU member Italy since October 2022, has strongly supported Ukraine in its fight against Russia, but is also politically close to Trump.
At a press conference in Rome earlier, Meloni — who visited Trump at his Florida home last weekend — said she did not believe the president-elect would abandon Kyiv.
“Frankly I don’t foresee a disengagement,” she said, adding that Trump had previously “said precisely because we want peace, we will not abandon Ukraine.”
She added that she would support options for peace that Ukraine would support.
NATO and EU member Italy has sent arms and aid to Ukraine to help fight off Russia’s invading forces, but has refused to allow Kyiv to use its weapons inside Russian territory.
Zelensky’s spokesman Sergiy Nykyforov said the Ukrainian president would meet Friday with Italian President Sergio Mattarella, the country’s largely ceremonial head of state.
US Secretary of State Antony Blinken was also in the Italian capital on Thursday for separate talks with European counterparts on Syria. It was not clear if he planned to meet Zelensky during his trip.
US President Joe Biden had also been due to visit Rome in what was expected to be his final overseas trip in office, but canceled to focus on the federal response to wildfires raging across Los Angeles.
Scotland leader refuses to be drawn on Lockerbie bombing inquiry
- John Swinney would not speculate on backing public inquiry into 1988 attack while criminal case against suspected bomb maker underway in US
- Bombing of Pan Am Flight 103 over UK that killed 270 people blamed on Libyan intelligence officials
LONDON: Scotland’s first minister has refused to be drawn on whether he supports a public inquiry into the 1988 bombing of a passenger plane blamed on Libyan intelligence officials.
The downing of Pan Am Flight 103 over the Scottish town of Lockerbie killed 270 people and remains by far the most deadly terror attack on British soil.
Libyan intelligence officer Abdel Baset Ali Al-Megrahi was jailed in 2001 for his role in the plot to place the bomb on board the flight. Al-Megrahi, who died in 2012, always insisted he was innocent and doubts have been raised about his conviction.
A television series released last week in the UK, which tells the story of the investigation by one of the victim’s fathers, has renewed interest in the case, as has an upcoming court case in the US of the alleged bomb maker, the Libyan Abu Agila Masud.
A member of the Scottish Parliament, Christine Grahame, asked First Minister John Swinney on Thursday if he supported a UK inquiry into the bombing given the “remaining concerns for some, including myself, about the credibility of the conviction” of Al-Megrahi.
She also highlighted what she described as the resistance of the UK Government to releasing relevant documents in relation to the bombing, the Daily Record reported.
Swinney said that while there was a criminal case underway in the US, “I would prefer not to speculate on possible inquiries.”
Al-Megrahi is the only person to have been convicted for the attack and there has been no public inquiry in the UK.
His trial by a Scottish court sitting in the Netherlands took place more than 11 years after the bombing and followed long negotiations with the then Libyan leader Muammar Qaddafi to hand him over along with another suspect.
The recent TV series “Lockerbie: A Search for Truth” stars British actor Colin Firth as Jim Swire, whose daughter was killed on the flight as it flew from London Heathrow to New York City four days before Christmas.
Swire believes that Al-Megrahi, who died in 2012 three years after being released on compassionate grounds, was innocent.
Two-thirds of the victims of the bombing were American and 11 residents in the town of Lockerbie were killed when sections of the aircraft fell on residential areas.
Russia breaches frontline river in east Ukraine, official says
- The Oskil river is the de-facto front line in parts of the eastern Kharkiv region
- The major of the local hub, Kupiansk, said the situation was “extremely difficult”
KYIV: Russian forces have established a bridgehead on the Ukrainian-held side of a frontline river in the east of the country, a local official said Thursday, pointing to Kyiv’s mounting battlefield struggles.
The Oskil river is the de-facto front line in parts of the eastern Kharkiv region, with Ukrainian troops entrenched mainly on the western bank and Russian forces moving to capture the eastern side.
Kremlin forces have been launching audacious attempts to cross, and local Ukrainian official Andrii Besedin told state television Thursday they had managed to cross and establish positions.
“The enemy is trying to gain a foothold in the town of Dvorichna, which is already on the right bank of the Oskil, and expand the entire bridgehead,” he said.
Besedin, the major of the local hub, Kupiansk, said the situation was “extremely difficult” and warned that Russian troops could use the bridgehead to flank Ukrainian positions.
He said Russian forces were now just two kilometers (about one mile) outside of Kupiansk, which was one of the main prizes of a Ukrainian counteroffensive in late 2022.
“The enemy is constantly trying to carry out assault operations,” he said.
The advances conceded by the local official come at a precarious time for Ukrainian forces across the sprawling front, where Russian forces have been advancing at their fastest pace in around two years.
If Russia captures more territory around Kupiansk or in the wider Kharkiv area it would undo gains that Ukraine secured in a sweeping 2022 offensive that embarrassed the Kremlin.
Both sides are looking to secure a better position on the battlefield before incoming US president Donald Trump’s January 20 inauguration, almost three years after Russia invaded.
Putin says more needs to be done to clean up Black Sea oil spill
- The oil leaked from two aging tankers after they were hit by a storm on Dec. 15 in the Kerch Strait
- One sank and the other ran aground
MOSCOW: Russian President Vladimir Putin said on Thursday that more needed to be done to clean up an oil spill in the Black Sea, saying efforts so far appeared to have been insufficient to deal with the ecological disaster.
The oil leaked from two aging tankers after they were hit by a storm on Dec. 15 in the Kerch Strait. One sank and the other ran aground.
Approximately 2,400 metric tons of oil products spilled into the sea, Russian investigators said last week, in what Putin on Thursday called “one of the most serious environmental challenges we have faced in years.”
When the disaster struck, state media reported that the stricken tankers, both more than 50-years old, were carrying some 9,200 metric tons (62,000 barrels) of oil products in total.
Since the spill, thousands of emergency workers and volunteers have been working to clear tons of contaminated sand and earth on either side of the Kerch Strait. Environmental groups have reported deaths of dolphins, porpoises and sea birds.
The Kerch Strait runs between the Black Sea and the Sea of Azov and separates Crimea’s Kerch Peninsula from Russia’s Krasnodar region.
Putin told a government meeting that the clean-up efforts had been poorly coordinated between regional and federal bodies.
“From what I see and from the information I receive, I conclude that everything being done to minimize the damage is clearly not enough yet,” the Kremlin leader told officials.
He called for a commission to be formed to mitigate the disaster and prevent oil products from leaking from flooded tankers in the future.
