VLADIMIR Putin's Russia is behind repeated cyber attacks to try and steal a coronavirus vaccine from Britain, it was revealed today.
The UK has been able to point the finger at Russia for the very first time in explosive claims President Putin knew about attacks on Britain's coronavirus vaccine project.
⚠️ Read our coronavirus live blog for the latest news & updates
Security sources say the high-tech espionage was ordered “at the highest levels” and possibly by President Putin himself.
One source told The Sun the Kremlin was “terrified of being left behind” in the new Cold War race to find a vaccine.
A joint operation with the US and Canada uncovered a "malicious campaign" to steal information uncovered by Britain's top scientists on coronavirus with targeted attacks since March.
Britain went public with the news alongside the US and Canada to warn the world to ramp up defences against Moscow.
No10 said today they believe the attacks came from a group known at APT29 - part of the Russian intelligence service.
The clandestine group of hackers is also known as “the Dukes” or “Cozy Bear”.
The PM's official spokesman said today: "The attacks which are taking place against scientists and others doing vital work to combat coronavirus are despicable.
"Working with our allies, we will call out those who seek to do us harm in cyber space and hold them to account."
No10 also confirmed it believes Russia did not order the attacks to wreak discord, but in a brazen bid to steal medical secrets.
Here's what we know about the attacks:
- A group called APT29 linked to Russian intelligence services is behind a series of coordinated attacks to try and steal UK vaccines
- UK security services are "almost certain" the attacks were sponsored by Russia - and President Putin knew about them
- Vaccine research programs are being given the highest level of protection to protect data on coronavirus jabs
- The same group has been linked to attacks on US Democratic Party in the run-up to 2016 elections
- The group are trying to exploit known vulnerabilities in well known security software such as VPN software & external mail servers
The National Cyber Security Centre have thrown every protection they have at Britain's vaccination projects to keep them safe from attempts to steal information.
British research projects are at the forefront of the effort to find a vaccine with scientists at Oxford University and Imperial University London leading the charge to prevent thousands more from dying.
The first phase of human trials at Oxford University have raced ahead of worldwide projects and shown evidence their experimental jab generates an immune response against the killer virus.
Security has now been increased at the institutes to protect them from the “ongoing” menace.
Who are Russian hacker group APT29 or "Cozy bear"?
Advanced persistent threat (APT) group Cozy Bear have been trying to crack into Britain's tightly held information on a coronavirus vaccine.
The group - which are believed to be linked to Russian's intelligence services - were also behind the 2016 hacking of the Pentagon, the Democratic National Committee and several US NGOs.
Cozy Bear - also known as "the Dukes" have been active since at least 2008, according to researchers at Slovak cybersecurity company - who have been tracking the group since 2013.
They've also been dubbed the "Office Monkeys" because of their high-profile attack on the US Government in 2014.
The hackers use email phishing to launch their cyber attacks - and in 2014 passed security malware by using a comedic video of monkeys working in an office.
After disappearing following the 2016 cyber attacks, Cozy Bear made a come back launching a bid to hack customers that work the the US government agencies using similar tactics as their previous campaigns.
The name "the Dukes" comes from one of their primary cyber weapons known as MiniDuke.
NCSC Director of Operations Paul Chichester, said: “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic.
“Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector.
“We would urge organisations to familiarise themselves with the advice we have published to help defend their networks.”
The shocking revelations show intelligences services believe knowledge of the attacks goes to the highest level of the Kremlin.
But they refused to say if they had succeeded in stealing any major secrets.
The hackers have been trying to break into data held by pharmaceutical companies and research bodies by exploiting well-known vulnerabilities in security software - such as VPN and external mail servers.
Officials warned the threat from Russia goes even deeper than just vaccination efforts.
The group is the same one who were implicated in attacks on the US Democratic Party in the run up to the 2016 election.
Intelligence services also uncovered that Russia tried to meddle in the UK election last year by spreading documents on US and UK trade talks to Jeremy Corbyn.
The ex-Labour leader used the leaked documents - claiming the NHS was "up for sale" - in a stunt to try and smear the Tories to try and avoid his disastrous election loss.
But Foreign Secretary Dominic Raab said today the leaked documents had been "amplified" by Russian spooks after they were posted on the online forum Reddit.
Russian actors then sought to promote them further and get more media attention to try and interfere in the UK's election, the Government said.
Speaking about the recent attack, Mr Raab said: “It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic.
"While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health.
“The UK will continue to counter those conducting such cyber-attacks, and work with our allies to hold perpetrators to account.”
Labour's Shadow Foreign Secretary Lisa Nandy also blasted the attacks from Russia - a marked change from the party's approach under Jeremy Corbyn's leadership, who refused to condemn Russia for the Salisbury poisonings.
Ms Nandy said: “The reported actions of the Russian Intelligence Services are wrong and should be condemned.
"The Labour Party is committed to working with the government to protect the UK’s national security and safeguard our institutions from foreign interference – none more so than those leading the international effort to develop a Covid-19 vaccine."
“The long-overdue Russia Report must now be made public, and the Foreign Secretary come to the House of Commons and provide MPs with concrete steps that will be taken to protect the UK from these kind of foreign cyber-attacks.”
A security source added: “This is espionage not sabotage. They have been trying to steal secrets because they know that a coronavirus vaccine is a game-changer.
"Every country wants it first. Russia wants to know where it should focus its own efforts. They are terrified of getting left behind.
“The fear is that if they can manage to get into laboratories they could do some damage later on or interfere with the research.”
GCHQ boss Jeremy Fleming said in a rare interview at the Cheltenham science festival last month that state spies and criminals would target the vaccination projects.
He said: "We do know that, whether it's states or criminals they are going after things which are sensitive to us.
"So it's a high priority for us to protect the health sector, particularly the race to acquire a vaccine."
He said hackers would look for "pretty basic vulnerabilities" such as "lures to get people to click on the wrong thing... where people aren't backing up properly or whether they've got basic passwords and so on."
How to stay safe from hackers
- Protect your devices and networks by keeping them up to date: use the latest supported versions, use anti-virus and scan regularly to guard against known malware threats.
- Use multi-factor authentication to reduce the impact of password compromises.
- Tell staff how to report suspected phishing emails, and ensure they feel confident to do so, investigate their reports promptly and thoroughly.
- Set up a security monitoring capability so you are collecting the data that will be needed to analyse network intrusions
- Prevent and detect lateral movement in your organisation’s networks.
Medical research organisations working on potential vaccines in the US have also been warned to protect their data against cyber attacks - including those from China.
READ MORE SUN STORIES
Bill Evanina, director of the National Counterintelligence and Security Center, told the BBC: "We have been working with our industry and government folk here very closely to ensure they are protecting all the research and data as best they can.
"We have every expectation that foreign intelligence services, to include the Chinese Communist Party, will attempt to obtain what we are making here."
Most read in News
CORONAVIRUS CRISIS - STAY IN THE KNOW
Don't miss the latest news and figures - and essential advice for you and your family.
To receive The Sun’s Coronavirus newsletter in your inbox every tea time, .
To follow us on Facebook, simply .
Get Britain’s best-selling newspaper delivered to your smartphone or tablet each day – .