Hackers backed by the Russian state are trying to steal COVID-19 vaccine and treatment research from academic and pharmaceutical institutions around the world.
A co-ordinated statement from Britain, the United States and Canada attributed the attacks to group APT29, also known as 'Cozy Bear', which they said was almost certainly operating as part of Russian intelligence services.
"We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic," said Britain's National Cyber Security Centre (NCSC) Director of Operations, Paul Chichester.
British foreign minister Dominic Raab said it was "completely unacceptable" for Russian intelligence services to target work on the pandemic.
"While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health," he said in a statement. He said Britain would work with allies to hold perpetrators to account.
The NCSC said the group's attacks were ongoing and used a variety of tools and techniques, including spear-phishing and custom malware.
"APT29 is likely to continue to target organisations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic," the NCSC statement said.
Britain and the United States said in May that networks of hackers were targeting national and international organisations responding to the COVID-19 pandemic. But such attacks have not previously been explicitly connected to the Russian state.
The Russian government-linked group Cozy Bear is widely suspected of hacking the Democratic Party ahead of the 2016 US election.
Peace deal hopes fade after Trump rejects Iran proposal
UK's Starmer defies calls to quit, says he is getting on with governing
New Israeli law sets military tribunal for those linked to October 7 attack
Russia strikes Ukraine with drones as ceasefire ends
Dutch hospital quarantines 12 over breach of hantavirus protocol
