If you could take the two most defining catastrophes of Trump’s period in the White House—the one that brought him in the door, and the one that may help carry him out—and smash them together into one godawful Frankenstein of 2020 on a plate, what would that look like? Now you know. The U.K.’s National Cyber Security Centre has published a report showing that Russian hackers are attacking not just governments, not just social media, but companies and organizations directly involved in trying to develop a vaccine for COVID-19.
We already knew that Russia was trying to destroy American democracy. And recent months have made it clear that Russia was engaged in trying to murder Americans through a proxy war in which they offer bounties to terrorists. Now it seems that Russia is attempting to kill everyone—or to at least keep much of the world swimming in chaos, illness, and economic disaster—by directly interfering in the development of a vaccine. And it’s not just any group of Russian hackers. The U.K. report specifically mentions “Cozy Bear,” the same group that worked to put Donald Trump in the White House.
Cozy Bear, also called APT29, is a part of the Russian Intelligence Service with direct connection into the military. As the report points out, they’ve been Russia’s all-purpose, go-to bad actors when it comes to attacking governments, peeking into diplomatic secrets, messing with electrical grids, and basically stealing any intellectual property worth taking. When it comes to COVID-19, they’re not just hacking into those busy working on potential vaccines—the group has also infiltrated organizations involved in tracking the pandemic, and national and international efforts to formulate a response.
The full report (pdf) specifically mentions cyber attacks on vaccine research and development not just in the U.K., but also in Canada and the United States. To that end, Russia has deployed a number of techniques including the use of both spear phishing and custom malware to access local networks and databases. Once into a network, APT29 uses “anonymizing services” to maintain a persistent presence, and an open pipeline, without making themselves visible.
At present, it seems that the major purpose of the infiltration is to provide Russia with an inside track on both responses to dealing with the pandemic and progress on developing a vaccine—which is more than what’s available to American researchers. However, the persistent access means that the hackers might also interfere with everything from data collected by ongoing trials to internal orders for supplies. This access raises serious concerns over a capability that could be used to hinder development or plant false information.
Why would Russia want to do this? For the same reasons that they’ve been paying Taliban militia not just to shoot Americans, but to derail the process of negotiating a U.S. exit strategy from Afghanistan. Chaos and disruption in the West benefits Vladimir Putin. The destruction of U.S. wealth and weakening of the U.S. military benefit Putin. Keeping the U.S. and Europe entangled in a pandemic benefits Putin. Every Donald Trump misstep benefits Putin. With Trump making an unprecedented number of calls to Putin over the last three months, it should be expected that he’s been getting some “advice” on how to position U.S. troops to control U.S. cities—the perfect use for American forces as far as Putin is concerned.
Of course, prolonging the pandemic also threatens to kill tens of thousands of Russians, but what does Putin care about that? It’s not as if he’s been accurately reporting Russian deaths from COVID-19 so far. And Russian leaders have always been willing to sacrifice a few thousand, or million, of the masses to reach their goals.