Russia’s best-known hacker groups – Fancy Bear and Cozy Bear – are considered to be linked to the country’s intelligence organisations, according to western security agencies.
Fancy Bear, the better known of the two, is linked to GRU military intelligence and is accused of being behind the hack of US Democratic party computers in the run-up to the 2016 presidential election, the product of which was widely leaked.
Microsoft, which calls the group Strontium, last week accused Fancy Bear of targeting Covid-19 vaccine makers by using “password spray and brute force login attempts” – attacks that use “thousands or millions” of rapid attempts to obtain network access by guessing the password.
Cozy Bear, linked variously to Russia’s domestic FSB and foreign SVR agencies, was accused by Britain’s NCSC agency of targeting drug research labs in the UK, the US and Canada in July. Its goal, NCSC said, was likely to be “stealing information and intellectual property relating to the development and testing of Covid-19 vaccines”.
Hackers in the group sought to gain entry to a wide variety of systems relating to medical research, often by trying to exploit known vulnerabilities left unfixed to try to gain long-term access.China
China has been accused of being engaged in hacking activities by the west for many years, with units tied to the country’s People’s Liberation Army formerly in the lead.
In 2015, China’s president, Xi Jinping, and the then US president Barack Obama struck an agreement promising not to “knowingly support cyber-enabled theft of intellectual property” for commercial advantage – which prompted a partial retreat and then a restructuring.…