15 comments

[ 5.0 ms ] story [ 49.7 ms ] thread
> Throughout 2020, APT29 has targeted various organisations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines.

Vaccine makers are trying to hide their work behind the veil of "intellectual property". The makers of this malware want the information. For what purpose do the 'malware' authors want the information?

1. To make a vaccine that works. Making a vaccine is an objective good.

2. To discover flaws with the vaccine that the company developing the vaccine would rather keep secret. Alerting the public to dangerous vaccines is an objective good.

I believe the real story here is that governments allow vaccine development companies to hide their work behind a shield of intellectual property, while the world needs a vaccine as quickly as possible.

I think it's fair to say that:

3. This information is worth an enormous amount of money.

That would explain why the current companies are attempting to hide information that could be used to save lives. Is that a moral justification for the government granting the vaccine companies a monopoly on the information, even though free sharing of the information could save even more lives?
I’ve read stories indicating that some of these companies are ramping up production prior to approval in order to have batches of doses to distribute soon after approval happens. Having a government that will protect said company’s intellectual property helps reduce financial risk to the company, making that preproduction a bit less risky overall. It’s also arguable that protecting that IP is a moral justification for the same reason — saving lives. There might not be as many companies developing vaccines and committing to large production runs before they’re even approved without it.

Keep in mind, I’m not outright saying you’re wrong. I do think you’re way oversimplifying things.

Yep, sharing information may be important, but generating the information to begin with is even more important. Whatever we do, the incentives must align so we have as many people working on the problem as possible. It is critical that there is a guaranteed revenue stream as reward for developing a vaccine; the world does not have enough scientists that can/will volunteer their time. IP is the established way of doing this. Maybe there are other solutions, but if they haven't been implemented at this point, it's already too late.
There is the possibility this APT group is trying to disrupt vaccine development because they want to watch the world burn, or they have a competing vaccine.

I doubt that is the case, but you can bet that's going to be the side the media will take...

How does what they are doing disrupt vaccine development?
For now they've only infiltrated and stole data.

But theoretically, they could also seriously disrupt IT operations virtually overnight: wipe servers, brick (expensive) lab machines, mess with door locks, cleanroom HVAC tech, corrupt sensors to render data worthless...

Vaccine researchers have had their systems infected with malware. At the minimum, they've lost time while IT has taken systems offline to research and resolve the issue. Potentially, the integrity of the data itself could be called into question. Regardless of the malware developers intentions, they have done harm just by the nature of their actions.
> 2. To discover flaws with the vaccine that the company developing the vaccine would rather keep secret. Alerting the public to dangerous vaccines is an objective good.

You seem to think that this is a net positive, but they could could also keep it secret, which is a net negative. So #3 would be to keep the flaws secret with the intention to potentially exploit the flaws in the future

If it is APT29, their motive and directive, and what they are paid for, is to ensure Russia's national interest. Which is probably access to capability, although denial of capability is also possible. That all the other stuff dovetails is just happy coincident.
Russia is one of the countries with the highest number of coronavirus cases. Decades-long brain drain makes a development of its own vaccine impossible. Now state-employed hackers try to steal an already developed one to mass produce it for Russian population.
The simple explanation here is that Putin asked for the best-possible information about when a vaccine will be ready, and their intelligence agency decided that to answer confidently, they needed to look at non-public documents.

They would likely also be looking to manufacture their own supply, using intellectual property they can't otherwise access. This would be a straightforwardly good thing; vaccines made with stolen IP still save lives, and those lives matter a lot more than how money moves around.

(Sabotage, on the other hand, would be unforgivable. But there is no evidence of that happening, so it's best not to speculate about baseless accusations.)

Agreed. This sort of thing happens pretty regularly. It's just like using spy planes: powerful states like to be able to extend their gaze as far as possible.
Is it somewhat obvious..could not Putin just oh say stop hacking and ask for it say oh gosh via the UN WHO?