WASHINGTON: Western governments on Thursday accused hackers believed to be part of Russian intelligence of trying to steal valuable private information about a coronavirus vaccine, calling out the Kremlin in an unusually detailed public warning to scientists and medical companies.
The alleged culprit is a familiar foe. Intelligence agencies in the United States, United Kingdom and Canada say the hacking group APT29, also known as Cozy Bear, is attacking academic and pharmaceutical research institutions involved in COVID-19 vaccine development. The same group was implicated in the hacking of Democratic email accounts during the 2016 US presidential election.
It was unclear whether any useful information was stolen. But British Foreign Secretary Dominic Raab said, “It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic.”
He accused Moscow of pursuing “selfish interests with reckless behavior.”
Sticking to more general language, White House press secretary Kayleigh McEnany said, “We worked very closely with our allies to ensure that we would take measures to keep that information safe and we continue do so so.”
The allegation that hackers linked to a foreign government are attempting to siphon secret research during the pandemic is not entirely new. US officials as recently as Thursday have accused China of similar conduct. But the latest warning was startling for the detail it provided, attributing the targeting by name to a particular hacking group and specifying the software vulnerabilities the hackers have been exploiting.
Also, Russian cyberattacks strike a particular nerve in the US given the Kremlin’s sophisticated campaign to influence the 2016 presidential election. And the coordination of the new warning across continents seemed designed to add heft and gravity to the announcement and to prompt the Western targets of the hackers to protect themselves.
“I think (the governments) have very specific intelligence that they can provide,” said John Hultquist, senior director of analysis at Mandiant Threat Intelligence. “The report is full of specific operational information that defenders can use” to protect their networks.
Russian President Vladimir Putin’s spokesman, Dmitry Peskov, rejected the accusations, saying, “We don’t have information about who may have hacked pharmaceutical companies and research centers in Britain.”
“We may say one thing: Russia has nothing to do with those attempts,” Peskov said, according to the state news agency Tass.
The accusations come at a tenuous time for relations between Russia and both the US and UK
Besides political ill will, especially among Democrats, about the 2016 election interference, the Trump administration is under pressure to confront Russia over intelligence information that Moscow offered bounties to Taliban fighters to attack allied fighters.
The Democratic chairman of the House Intelligence Committee, Adam Schiff, said “it’s clear that Russia’s malign cyber operations and other destabilizing activities — from financial and other material support to non-state actors in Afghanistan to poisoning dissidents in democratic countries — have persisted, even when exposed.” He urged President Donald Trump to condemn such activities.
The vaccine assessment came two years to the day after Trump met with Putin in Helsinki and appeared to side with Moscow over US intelligence agencies about the election interference. The UK did not say whether Putin knew about the more recent research hacking, but British officials believe such intelligence would be highly prized.
Relations between Russia and the UK, meanwhile, have plummeted since former spy Sergei Skripal and his daughter were poisoned with a Soviet-made nerve agent in the English city of Salisbury in 2018, though they later recovered. Britain blamed Moscow for the attack, which triggered a round of retaliatory diplomatic expulsions between Russia and Western countries.
More broadly, Thursday’s announcement speaks to the cybersecurity vulnerability created by the pandemic and the global race for a vaccine.
The US Department of Homeland Security’s cybersecurity agency warned in April that cybercriminals and other groups were targeting COVID-19 research, noting at the time that the increase in people teleworking because of the pandemic had created potential avenues for hackers to exploit.
Profit-motivated criminals have exploited the situation, and so have foreign governments “who also have their own urgent demands for information about the pandemic and about things like vaccine research,” Tonya Ugoretz, a deputy assistant director in the FBI’s cyber division, said at a cybersecurity conference last month.
“Some of them are using their cyber capabilities to, for example, attempt to break into the networks of those who are conducting this research as well as into nongovernmental organizations to satisfy their own information needs,” Ugoretz said.
The alert did not name the targeted organizations themselves or say how many were affected. But it did say the organizations were in the US, UK and Canada, and said the goal was to steal information and intellectual property related to vaccine development.
Britain’s NCSC said its assessment was shared by the National Security Agency, the Cybersecurity and Infrastructure Security Agency and by the Canadian Communication Security Establishment.
A 16-page advisory prepared by Western agencies and made public Thursday accuses Cozy Bear of using custom malicious software to target a number of organizations globally. The malware, called WellMess and WellMail, has not previously been associated with the group, the advisory said.
“In recent attacks targeting COVID-19 vaccine research and development, the group conducted basic vulnerability scanning against specific external IP addresses owned by the organizations. The group then deployed public exploits against the vulnerable services identified,” the advisory said.
Cozy Bear is one of two hacking groups suspected of separate break-ins of computer networks of the Democratic National Committee before the 2016 US election. Stolen emails were then published by WikiLeaks in what US intelligence authorities say was an effort to aid Trump’s campaign over Democratic rival Hillary Clinton.
A report on Russian election interference by former special counsel Robert Mueller called out another group, Fancy Bear, in the hack-and-leak operation. Cozy Bear, though, operates “quietly gaining access and gathering intelligence,” said Hultquist of the Mandiant cybersecurity firm.
Their goal, he said, is “good old-fashioned espionage.”
Separately, Thursday, Britain accused “Russian actors” of trying to interfere in December’s UK national election by circulating leaked or stolen documents online. Unlike in the vaccine report, the UK did not allege that the Russian government was involved in the political meddling.
Russia is hacking virus vaccine trials, US, UK, Canada say
https://arab.news/8mcav
Russia is hacking virus vaccine trials, US, UK, Canada say
- The alleged culprit is known as APT29, the same group was implicated in the hacking of Democratic email accounts during the 2016 US presidential election
Kenya flood death toll since March climbs to 70
- Tanzania Prime Minister Kassim Majaliwa said on Thursday that more than 200,000 people had been affected by the disaster, with 155 fatalities and 236 people injured
NAIROBI: The number of people killed in floods in Kenya due to heavier than usual rainfall since the start of the monsoon in March has risen to 70, a government spokesperson said on Friday.
In recent weeks, Kenya and other countries in East Africa — a region highly vulnerable to climate change — have been pounded by heavier-than-usual rainfall compounded by the El Nino weather pattern.
El Nino is a naturally occurring climate pattern typically associated with increased heat worldwide, leading to drought in some parts of the world and heavy rains elsewhere.
BACKGROUND
Kenyans have been warned to stay on alert, with the forecast for more heavy rains across the country in the coming days as the monsoon batters East Africa.
“The official tally of fellow Kenyans who regrettably have lost their lives due to the flooding situation now stands at 70 lives,” government spokesperson Isaac Mwaura said on X after torrential rains killed more than a dozen people in the capital, Nairobi, this week.
Mwaura said the government would issue a “comprehensive brief” following a meeting with the national emergency response committee after the extreme weather caused chaos across Nairobi this week, blocking roads and engulfing homes in slum districts. Kenyans have been warned to stay on alert, with the forecast for more heavy rains across the country in the coming days as the monsoon batters East Africa.
At least 155 people have died in neighboring Tanzania due to flooding and landslides.
Tanzania Prime Minister Kassim Majaliwa said on Thursday that more than 200,000 people had been affected by the disaster, with 155 fatalities and 236 people injured.
He said homes, property, crops, and infrastructure such as roads, bridges, railways, and schools had been damaged or destroyed.
In Burundi, one of the poorest countries on the planet, around 96,000 people have been displaced by months of relentless rains, the United Nations and the government said this month.
Meanwhile, the UN humanitarian response agency, OCHA, said in an update this week that in Somalia, the seasonal Gu rains from April to June are intensifying, with flash floods reported since April 19.
It said four people had been reportedly killed and more than 800 people affected or displaced nationwide.
Uganda has also suffered heavy storms that have caused riverbanks to burst, with two fatalities confirmed and several hundred villagers displaced.
Late last year, more than 300 people died in torrential rains and floods in Kenya, Somalia, and Ethiopia, just as the region was trying to recover from its worst drought in four decades that left millions of people hungry.
From October 1997 to January 1998, massive flooding caused more than 6,000 deaths in five countries in the region.
Somalia detains US-trained commandos over theft of rations
- The US agreed in 2017 to help train and equip the 3,000-strong Danab to act as a quick-reaction strike force against Al-Shabab
MOGADISHU: Somalia’s government said it had suspended and detained several members of an elite, US-trained commando unit for stealing rations donated by the US, adding that it was taking over responsibility for provisioning the force.
The Danab unit has been a key pillar of US-backed efforts to combat the Al-Qaeda-linked militant group Al-Shabab. The US agreed in February to spend more than $100 million to build up to five military bases for Danab.
Somalia’s Defense Ministry said in a statement that it had notified international partners of the theft and would share the outcome of its investigation.
A US official said in a statement to Reuters that Washington takes all corruption accusations seriously.
“We look forward to engaging with the Danab on creating the necessary safeguards and accountability measures to prevent future incidents that could affect future assistance,” the official said, without directly addressing whether any US support had already been suspended.
The US agreed in 2017 to help train and equip the 3,000-strong Danab to act as a quick-reaction strike force against Al-Shabab.
The group has been waging an insurgency against the central government since 2006.
Danab has been heavily involved in a military offensive by the Somali military and allied clan militias since 2022 that initially succeeded in wresting swaths of territory from Al-Shabab in central Somalia.
However, the campaign has lost momentum, with the government-allied forces struggling to hold rural areas and Al-Shabab continuing to stage large-scale attacks, including in the capital Mogadishu.
Washington suspended some defense assistance to Somalia in 2017 after the military could not account for food and fuel.
The US also conducts frequent drone strikes targeting Al-Shabab militants.
Jewish campaign group led by Gideon Falter cancels London march over safety concerns
- The Campaign Against Antisemitism says safety concerns forced it to call off its “Walk Together” march after receiving threats from ‘hostile actors’
- Last weekend, a video appeared to show police prevent ‘openly Jewish’ Falter from walking near a pro-Palestine protest but a longer version of the footage painted a different picture
LONDON: The organizers of a march in protest against antisemitism, planned for Saturday in London, “reluctantly” announced on Friday that they were canceling the demonstration.
The Campaign Against Antisemitism said it was forced by safety concerns to call off its “Walk Together” march, which was scheduled to coincide with the latest in a series of pro-Palestine marches in the British capital. The organization said it had expected thousands of people to take part but threats from “hostile actors” posed a safety risk.
“We have received numerous threats and our monitoring has identified hostile actors who seem to have intended to come to any meeting locations that we announced,” the CAA said.
“The risk to the safety of those who wished to walk openly as Jews in London tomorrow as part of this initiative has therefore become too great.
“We are no less angry about these marches than our Jewish community and its allies. We want to walk.”
The group added that it wants the Metropolitan Police not only to “manage marches” but “police” them.
Last weekend, a video that circulated on social media sparked controversy as it showed a confrontation between the CAA’s chief executive, Gideon Falter, and a Metropolitan Police officer who appeared to be preventing him from crossing the road in the vicinity of a pro-Palestine march in London because he was “openly Jewish” and his presence was “antagonizing.”
Falter, who was threatened with arrest if he did not leave the area, criticized the police for their actions during the incident and claimed there were now “no-go zones for Jews” in London amid a rise in antisemitic sentiment arising from Israel’s war on Gaza following the Oct. 7 attacks by Hamas.
Police chiefs apologized twice for the officer’s choice of words. However, a former senior police officer said on Monday that the initial, short version of the video most people saw online “did not fully represent the situation.”
A longer version showed the officer expressing concern about Falter’s actions because he appeared to be deliberately attempting to provoke the pro-Palestinian demonstrators.
Berlin police clear pro-Palestinian camp from parliament lawn
- Police dismantled tents, forcibly removed protesters and blocked the surrounding area to stop others arriving
- "The idea was to draw attention to that and ... to the German complicity and active enabling of the Israeli genocide in Gaza," the camp organizer, Jara Nassar, said
BERLIN: Berlin police on Friday began clearing a pro-Palestinian camp set up in front of the German parliament by activists demanding the government stop arms exports to Israel and end what they say is the criminalization of the Palestinian solidarity movement.
Police dismantled tents, forcibly removed protesters and blocked the surrounding area to stop others arriving.
The action followed clashes between demonstrators and police on US campuses and a blockade at Paris’s Sciences Po university, part of international protests to decry Israel’s military campaign in Gaza and Western support for Israel.
The Berlin camp ‘Besetzung Gegen Besatzung’ — ‘Occupy Against Occupation’ — began on April 8, coinciding with the start of International Court of Justice hearings in Nicaragua’s case against Germany for providing military aid to Israel.
“The idea was to draw attention to that and ... to the German complicity and active enabling of the Israeli genocide in Gaza,” the camp organizer, Jara Nassar, told Reuters.
Israel strongly denies accusations that its offensive in Gaza, which aims to destroy the Palestinian militant group Hamas, constitutes a genocide.
Nassar and a dozen protesters sat on the ground, chanting pro-Palestinian slogans and songs as police with loudspeakers called on them to leave.
“We look at what is happening in the US ... with admiration. There is no reason to believe we should stop now,” said Udi Raz, a PhD student at Berlin’s Free University and a member of the Jewish Voice association.
Raz, who wore a Jewish kippah with the Palestinian flag colors and held his phone in a live social media broadcast of the clearance, said Jewish activists had joined the camp and held a candle-lit Passover dinner there this week.
Police said the prohibition order for the camp, which had been granted authorization at the start of the protest, was due to repeated violations committed by some protesters, including the use of unconstitutional symbols and forbidden slogans.
“Protection of gatherings cannot be guaranteed at this point because public safety and order are significantly at risk,” police spokesperson Anja Dierschkesaid said, adding tents had to be moved daily under local regulations to maintain the lawn.
“For the German government, grass matters more than the lives of more than 40,000 innocent people in Gaza murdered by the Israeli military,” Raz said.
Philippine police kill an Abu Sayyaf militant implicated in 15 beheadings and other atrocities
- A confidential police report said that Abdulsaid had been implicated in at least 15 beheadings in Basilan, including of 10 Philippine marines in Al-Barka town in 2007 and two of six kidnapped Vietnamese sailors near Sumisip town in 2016
MANILA: Philippine forces killed an Abu Sayyaf militant, who had been implicated in past beheadings, including of 10 Filipino marines and two kidnapped Vietnamese, in a clash in the south, police officials said Friday.
Philippine police, backed by military intelligence agents, killed Nawapi Abdulsaid in a brief gunbattle Wednesday night in the remote coastal town of Hadji Mohammad Ajul on Basilan island after weeks of surveillance, security officials said.
Abu Sayyaf is a small but violent armed Muslim group, which has been blacklisted by the US and the Philippines as a terrorist organization for ransom kidnappings, beheadings, bombings and other bloody attacks. It has been considerably weakened by battle setbacks, surrenders and infighting, but remains a security threat particularly in the southern Philippines, home to minority Muslims in the predominantly Roman Catholic nation.
Abdulsaid, who used the nom de guerre Khatan, was one of several Abu Sayyaf militants who aligned themselves with the Daesh group.
A confidential police report said that Abdulsaid had been implicated in at least 15 beheadings in Basilan, including of 10 Philippine marines in Al-Barka town in 2007 and two of six kidnapped Vietnamese sailors near Sumisip town in 2016. The Vietnamese were seized from a passing cargo ship.
He was also involved in attacks against government forces in 2022 and a bombing in November that killed two pro-government militiamen and wounded two others in Basilan, the report said.
Abdulsaid was placed under surveillance in February, but police forces couldn’t immediately move to make a arrest because of the “hostile nature” of the area where he was eventually gunned down, according to the report.
On Monday, Philippine troops killed the leader of another Muslim rebel group and 11 of his men blamed for past bombings and extortion in a separate clash in a marshy hinterland in Datu Saudi Ampatuan town in southern Maguindanao del Sur province, the military said.
Seven soldiers were wounded in the clash with the members of the Bangsamoro Islamic Freedom Fighters.
The Abu Sayyaf and the Bangsamoro Islamic Freedom Fighters are among a few small armed groups still struggling to wage a separatist uprising in the southern Philippines.
The largest armed separatist group, the Moro Islamic Liberation Front, signed a 2014 peace pact with the government that eased decades of sporadic fighting.
Moro Islamic Liberation Front rebel commanders became parliamentarians and administrators of a five-province Muslim autonomous region in a transition arrangement after signing the peace deal. They are preparing for a regular election scheduled for next year.
