Microsoft says state-sponsored hackers targeting 7 major Covid-19 vaccine makers

Microsoft has detected cyberattacks from at least three nation-state actors that are targeting seven major companies involved in the research for vaccines and treatment of Covid-19. The targets include pharma companies from Canada, France, India, South Korea, and the US. The cyberattacks have come from Strontium, an actor based in Russia, and two actors from North Korea that Microsoft calls Zinc and Cerium.

According to Microsoft, Strontium uses password spray and brute force login attempts in a bid to steal login credentials. The cyberattacks involve accessing users' accounts using millions or thousands of rapid attempts to log in.

Zinc, on the other hand, uses a familiar method of spear-phishing in order to steal credentials. The cyber attackers use fake emails with job descriptions and pretend to recruiters. Cerium also uses a similar spear-phishing approach but with emails containing Covid-19 information and pretending to be World Health Organisation representatives.

Microsoft said that security protection features built-in its products have successfully blocked the majority of these cyberattacks. It has also informed the organisations that have been targeted by these nation-state actors.

“Two global issues will help shape people's memories of this time in history – Covid-19 and the increased use of the internet by malign actors to disrupt society. It's disturbing that these challenges have now merged as cyberattacks are being used to disrupt health care organisations fighting the pandemic. We think these attacks are unconscionable and should be condemned by all civilised society,” said Microsoft in a post.

It is worth noting that cyber attackers have continued Covid-19 pandemic to target organisations and individuals in the last few months. Just a few weeks ago, FBI warned of ransomware assault against the US healthcare system. The FBI and two federal agencies said that they had “credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers.”

Cybercriminals have also escalated attacks on individuals and firms in India. According to an Acronic survey, firms in India are facing more cyber attacks than any other country. 

Separately, Dr Reddy, which has a partnership to run clinical trials of Russia's Sputnik-V COVID-19 vaccine in India, faced a major cyberattack last month. The drugmaker quickly isolated all its data centre services as a preventive measure.