The UK, US and Canada today accused Russia of trying to steal coronavirus vaccine research by sanctioning 'despicable' cyber attacks against medical organisations and universities.
The three nations issued a bombshell joint statement this afternoon claiming a hacking group called APT29, also known as Cozy Bear, is engaged in an ongoing campaign of 'malicious activity'.
Security chiefs believe the group is 'almost certainly' operating as part of Russian Intelligence Services, with officials confident the Kremlin has given the green light for the activity.
The three nations believe the purpose of the Russian attacks is to steal intellectual property so that Moscow can develop a coronavirus vaccine first or at least at the same time as the UK, US and Canada.
It is thought that pharmaceutical and academic organisations have been targeted by the hackers but the identity of specific targets has not been made public.
The statement is likely to provoke a diplomatic firestorm and worsen already strained relations between the UK and Russia.
The Prime Minister's Official Spokesman said the cyber attacks against scientists are 'despicable'
The NCSC has concluded that APT29 'almost certainly operate as part of Russian Intelligence Services'. Russian President Vladimir Putin is pictured in Moscow on July 16
The Prime Minister's Official Spokesman said: 'The attacks which are taking place against scientists and others doing vital work to combat coronavirus are despicable.
'Working with our allies, we will call out those who seek to do us harm in cyber space and hold them to account.'
The National Cyber Security Centre (NCSC) today detailed the activity of the APT29 group.
The NCSC has concluded that APT29 'almost certainly operate as part of Russian Intelligence Services'.
The organisation's assessment has been backed by the US Department of Homeland Security, the Cybersecurity Infrastructure Security Agency and the National Security Agency as will as by the Canadian Communication Security Establishment.
The NCSC said APT29's 'campaign of malicious activity is ongoing' and it is 'predominantly against government, diplomatic, think-tank, healthcare and energy targets to steal valuable intellectual property'.
NCSC Director of Operations, Paul Chichester, said: 'We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic.
'Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector.
'We would urge organisations to familiarise themselves with the advice we have published to help defend their networks.'
The NCSC has previously warned that APT groups, which stands for Advanced Persistent Threat, have been targeting organisations involved in both national and international COVID-19 responses.
The NCSC said known targets of APT29 included UK, US and Canadian vaccine research and development organisations.