Russian and North Korean hackers targeting Covid vaccine work, says Microsoft
13 November 2020, 14:24
The tech giant said most of the targets were ‘directly involved in researching vaccines and treatments for Covid-19’.
Microsoft says it has detected attempts by state-backed Russian and North Korean hackers to steal data from leading pharmaceutical companies and vaccine researchers.
The tech giant said in a blog post that most of the attacks in recent months were unsuccessful, but provided no information on how many succeeded or how serious the breaches were.
Chinese state-backed hackers have also targeted vaccine-makers, the US government said in July while announcing criminal charges.
Microsoft said most of the targets — located in Canada, France, India, South Korea and the US — were “directly involved in researching vaccines and treatments for Covid-19″.
It did not name the targets but said most had vaccines in various stages of clinical trials.
The company identified one of the state-backed hacker groups as Fancy Bear, the Russian military agents who Britain’s National Cyber Security Center said in July were behind such intrusion attempts.
Two others were North Korea’s Lazarus Group and a group Microsoft calls Cerium.
Most of the break-in efforts involved attempts to steal the login credentials of people associated with the targeted organizations.
The Lazarus Group posed as job recruiters while Cerium targeted spear-phishing emails that masqueraded as missives from World Health Organisation representatives, Microsoft said.
The blog post coincided with an appearance by Microsoft president Brad Smith at an international forum calling on nations to protect health care facilities from cyberattacks. This year, the Paris Peace Forum is taking place online.
Optimism about a Covid-19 vaccine has grown since pharmaceutical giant Pfizer announced earlier this week that preliminary data showed its vaccine to be 90% effective.
At the same time, coronavirus cases are surging.
