Responding to reports of Russian attempts to capture COVID-19 vaccine research via cyber theft, Dr Duncan Hodges, Senior Lecturer in Cyberspace Operations at Cranfield University, said: “This is textbook activity that you would expect to see from the Cozy Bear group at this time and is typical of their approach to intelligence gathering. 

"The difference between other nation states and Russia, is that they are typically less concerned about the theft being attributed to them, meaning their appetite for risk is much higher. 

“They are using the tools, techniques and procedures that have been highly successful in the past for this advanced and persistent threat. The Cozy Bear group of hackers have historically had significant success using techniques such as spearfishing, and exploiting existing vulnerabilities in corporate IT infrastructure – all activities highlighted in NCSC’s advisory published today.

“I’d be incredibly surprised if Russia hadn’t had some success in these attacks. The reason they keep on using these tools and techniques is because they are incredibly successful in carrying them out, with successful high profile attacks on US Non-Governmental Organisations, political parties and a number of Government departments around the world. 

“At a time when people’s attention is rightly focused on developing a life-saving vaccine, cyber-security tends to take a lower priority for individuals, who overlook their basic security practices. This increase in vulnerability is what Russia thrives on to conduct its information operations.

“As long as Russia keeps having success with these methods and continues to be unafraid of being caught, these attacks will keep on coming.”

About Cranfield University

Cranfield University is a specialist postgraduate university that is a global leader for education and transformational research in technology and management.