Nation-State Hackers Are Targeting Covid-19 Drug Researchers Says Microsoft

Microsoft said yesterday it detected at least seven attacks on companies developing COVID-19 vaccines or treatments. The company said these attacks involved three nation-state actors; a Russian group known as “Fancy Bear” (Microsoft calls them Strontium) and North Korean groups called “Zinc” (known as the Lazarus Group) and “Cerium”.

Microsoft said the attacks used “password spray and brute force login attempts to steal login credentials” and spear-phishing emails, including some masquerading as World Health Organization representatives and pretending to be recruiters. Microsoft says the “majority of these attacks were blocked by security protections built into our products.”

Microsoft did not name the affected companies, describing them only as “leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States.”. But Microsoft says they notified companies of the attacks, and “where attacks have been successful” have offered help.

Microsoft is pushing for governments to do more.

“Microsoft is calling on the world’s leaders to affirm that international law protects health care facilities and to take action to enforce the law. We believe the law should be enforced not just when attacks originate from government agencies but also when they originate from criminal groups that governments enable to operate – or even facilitate – within their borders. This is criminal activity that cannot be tolerated.” Reads the statement.

More Details at Threat Post, ZDNet and Tech Crunch

Photo by Markus Spiske on Unsplash

Leave a Reply

Your email address will not be published.