Russian And North Korean State Sponsored Hackers Are Targeting COVID Vaccine Makers

Russian And North Korean State Sponsored Hackers Are Targeting COVID Vaccine Makers

Microsoft has sounded the alarm that state-sponsored hackers are targeting COVID vaccine makers with companies involved in making vaccines for the coronavirus having to ward off cyberattacks over the past few weeks. Microsoft hasn’t minced any words and says that these hacking attempts and cyberattacks are coming from what it calls state backed hacking groups, and the states in question being Russia and North Korea. At least 7 companies currently involved in the COVID vaccine development and trials have been targeted. The attacks have been targeting researchers and hospitals in India, Canada, France, South Korea and the US, though Microsoft has not named any companies or specific cyberattack targets.

The attacks came from Strontium, Russian group also known as Fancy bear as well as two hacking groups based in North Korea called Zinc and Cerium. “Strontium continues to use password spray and brute force login attempts to steal login credentials. These are attacks that aim to break into people’s accounts using thousands or millions of rapid attempts. Zinc has primarily used spear-phishing lures for credential theft, sending messages with fabricated job descriptions pretending to be recruiters. Cerium engaged in spear-phishing email lures using Covid-19 themes while masquerading as World Health Organization representatives,” says Tom Burt – Corporate Vice President, Customer Security & Trust, Microsoft. The company says all these attempts were blocked by the security protections built into their products and have since notified all the organizations that were targeted.

Microsoft is also pushing for an international law that protects healthcare facilities from cyberattacks. “Microsoft is calling on the world’s leaders to affirm that international law protects health care facilities and to take action to enforce the law. We believe the law should be enforced not just when attacks originate from government agencies but also when they originate from criminal groups that governments enable to operate – or even facilitate – within their borders. This is criminal activity that cannot be tolerated,” says Burt.

Ahead of the Paris Peace Forum, as many as 651 private organizations have joined what is called the Paris Call for Trust and Security in Cyberspace. These include pharma companies as well, and 78 states and 29 public authorities. These cyberattacks come at a time when pharma companies and researchers around the world are trying to speed up research and trials in an attempt to roll out the vaccine for COVID.