Microsoft has warned numerous vaccine makers of the state-sponsored hackers that are deviously targeting companies involved in the making of vaccines for the coronavirus over the past few weeks.
In the tech giants’ new blog post, Microsoft has claimed that cyberattacks that originated in North Korea and Russia have been targeting companies conducting research for COVID-19 vaccines and treatments. The company says the attacks were aimed at seven leading pharmaceutical companies and researchers in the US, Canada, France, India, and South Korea. At least seven companies currently involved in the COVID vaccine development and trials have been targeted.
The blog clearly stated that the attacks that had been monitored and warded off were hacking attempts and cyberattacks coming from ‘state-backed hacking groups’, the states in question being Russia and North Korea.
According to Microsoft, the majority of the attacks were blocked by its security protections.“It’s disturbing that these challenges have now merged as cyberattacks are being used to disrupt health care organizations fighting the pandemic. We think these attacks are unconscionable and should be condemned by all civilized society”, read the blog post.
As reported by the company, attackers applied various techniques in going through with the attacks, some of which included brute force login attempts to steal login credentials, and spear-phishing attacks where the hackers posed as recruiters seeking job candidates, or even as representatives of the World Health Organization.
As mentioned in the blog, the attacks came from Strontium, a Russian group also known as ‘Fancy bear’ as well as two hacking groups based in North Korea called Zinc and Cerium. “Strontium continues to use password spray and brute force login attempts to steal login credentials. These are attacks that aim to break into people’s accounts using thousands or millions of rapid attempts. Zinc has primarily used spear-phishing lures for credential theft, sending messages with fabricated job descriptions pretending to be recruiters. Cerium engaged in spear-phishing email lures using Covid-19 themes while masquerading as World Health Organization representatives,” Tom Burt – Corporate Vice President, Customer Security & Trust, Microsoft, explained via the post.
Towards the end of the blog, Microsoft beseeched international organizations to take cognizance of such attacks and pushed for a law that would protect private healthcare facilities from malicious attacks like these, in the public interest.