Russia

The Real Reason Behind Russia’s COVID-19 Vaccine Hacks

THE BEARS ARE BACK

Cybersecurity experts say the aim of Russia’s hacking attacks may be to discredit Western coronavirus vaccines.

FOR-TRELLO-ONLY_zfycyc
Photo Illustration by Kelly Caminero/The Daily Beast/Getty

MOSCOW—Russian researchers at five leading scientific institutes and several private laboratories have expended a tremendous effort in a search for a coronavirus vaccine. Some have injected themselves with experimental doses. They’ve worked weekends and holidays. Russia is currently proposing eight experimental vaccines to the World Health Organization, as prospective treatments or prophylactics for COVID-19. 

But just being good was apparently not enough for Russia’s propagandists—they want to be first to a vaccine. And Western nations are now accusing Moscow of scientific cybercrime, saying it helped hackers target coronavirus research in the U.K., U.S., and Canada. (Russia’s ambassador to London has denied the claims.) 

Special services in the three Western nations have accused Russian authorities of assigning a group of cyberspies—known as APT29, or by the nicknames Cozy Bear or the Dukes—to target COVID-19 research at some of the most successful companies and universities in other nations. 

ADVERTISEMENT

The U.S. National Security Agency (NSA) directly blamed APT29 in a statement on Thursday and the United Kingdom’s major cybersecurity center, the NCSC, said they were “almost certain” that hackers working for Russian intelligence services pried into British vaccine research. 

“The APT29 group is known as very careful,” says Irina Borogan, who authored the book The Red Web, about Russian cyber-policies, with Andrei Soldatov. She speculated that the hackers could have been looking to discredit the West’s research.

“Their strategy must be to find discrediting information about something going wrong at the Western vaccine producing companies—special services have a name for such operations: active measures,” Borogan told The Daily Beast, adding that the theft of scientific secrets has not been part the group’s approach before, and that they tended to search instead for compromising information. 

“They fish around for information that later could be used for propaganda purposes, for example to claim that the Western company was not researching a vaccine but a biological weapon,” she said. “We are waiting to hear official accusations with more specific information.”

Soldatov and Borogan have been writing about Cozy Bear’s attacks on foreign governments and politicians since 2014, most famously with the electronic break-in of the Democratic Party before the 2016 election. Another Russian cyberspy team, known as APT28, was responsible for releasing stolen data to influence the election, U.S. officials say. 

They fish around for information that later could be used for propaganda purposes, for example to claim that the Western company was not researching a vaccine but a biological weapon.

Still, tracing Cozy Bear’s and APT29’s work back to specific Kremlin orders is often a difficult task. Independent experts investigating APT29 say they are unlikely to have left any trails leading directly to the Russian state itself. 

Roman Dobrokhotov, an editor at Insider, a publication closely following Russian cyber-espionage, has previously followed specific Russian hackers. “We have reported on the hacker groups associated with the state attacking Angela Merkel’s and Emmanuel Macron’s emails or hacking [the] MH17 investigation team,” he said. All of these campaigns were aimed at discrediting their targets. But the latest COVID-19 attacks sound like “the World War II hunt for nuclear bomb secrets,” he said, adding, “I have not seen such examples of espionage yet.”

Unlike in the West, where leakers sometimes bring to light details of cyber-espionage, an insider’s account is unlikely in Russia. “Russian special services almost never leak information about their operations,” Andrei Zakharov, an investigative reporter at the BBC Russian service said in an interview with The Daily Beast. “In Russia we are dealing with the system that exists in a state of a besieged castle, a monolith of agencies that rarely leak.” 

Russian special services almost never leak information about their operations.

The hacking allegations take place against a backdrop of tremendous domestic pressure for Russia to produce the first COVID vaccine.  News stories in Russian media proclaim that the country is running ahead in the international research race and trumpet that the country will have a vaccine by early fall. For Russia, a vaccine is not only about lives saved or money made, but also a matter of national pride—a victory similar to medals at the Olympic Games, or breakthrough achievements in the Soviet arms race with the West (notably, also both areas where Russia has cheated or pilfered secrets).

The vaccine race recalls a military operation in other ways. Dozens of soldiers took part in clinical vaccine trials conducted by the Army and the Gamaleya Institute of Epidemiology and Microbiology, one of the five institutes developing vaccines. Last week, Russia’s Defense Ministry announced the end of successful first phase trials, which, it said, “allow[s] us to speak with confidence about the safety and good tolerability of the vaccine.” 

The state news agency Sputnik rushed to announce on Sunday that “Russia has finished trials of the world’s first vaccine.” The Gamaleya Institute says mass production of the vaccine will begin in September. And on Monday, Bloomberg reported that Gamaleya had already been giving doses of the experimental vaccine to Russian elites.

The hacking scandal has shaken local scientists, whose priority is a working vaccine, rather than beating American or Chinese researchers on timing. Top Russian researchers of the COVID-19 vaccine call for Russia to be patient. “People can create the vaccine quickly but there is no guarantee it will work effectively; this is a long process that might take from a year-and-a-half to three years,” Igor Nikonorov, a senior researcher at the Institute of the Flu in St. Petersburg, said. 

The founder of Moscow’s Genetico Center, Artur Isayev, believes that the true winner will be the inventor of a vaccine that will give people long-term immunity, not the first to work in the short term. “The idea of some hackers stealing secrets about the COVID-19 vaccine sounds ridiculous since the success is not about the right recipe—the problem is that Russia does not have as much experience in data banks and proper management [of trials],” Isayev said. 

And no hacker can steal such things. 

Got a tip? Send it to The Daily Beast here.