The Australian government has urged Russia to stop initiating malicious cyber activity against international organisations involved in developing a COVID-19 vaccine.
The Australian Signals Directorate, the Australian Cyber Security Centre, the Department of Foreign Affairs and Trade and the Home Affairs department on Friday voiced their support of a new report launched by the US, UK and Canadian governments.
The Joint Cyber Security Advisory outlines techniques used by APT29, a cyber espionage group which the report says is “almost certainly part of the Russian intelligence services”.
It states that throughout 2020, the group has targeted various organisations involved in COVID-19 vaccine development in Canada, the US and the UK, “highly likely with the intention of stealing information and intellectual property” relating to vaccines.
The targeted organisations cover a range of sectors including government, diplomatic, think tank, healthcare and energy, the report says.
The ASD, ACSC, Home Affairs and DFAT said the targeting of COVID-19 vaccine development and research during a pandemic is “completely unacceptable behaviour”.
“Australia is concerned by any reports that malicious cyber actors are seeking to exploit the current pandemic for their own gain,” they said.
“The Australian government calls on Russia to cease immediately any cyber activity, or support for such activity, which is inconsistent with their international commitments.”
The agencies said Australia has registered its concern about malicious activity targeting health infrastructure at the United Nations, noting that the ACSC has been working with Australian organisations to build their cyber resilience, while assisting victims of cyber attacks.
The federal government recently announced it would invest $1.35 billion in cyber security, which would be used to create more than 500 new jobs at the ASD, develop new capabilities, and improve understanding of malicious cyber activity to better detect and defeat emerging threats.
The investment was announced just weeks after Scott Morrison said a sophisticated state-based cyber actor had been targeting the Australian public and private sectors for several months.