Cybercriminals target the healthcare system (Pixabay)

Microsoft Says StateSponsored Hackers Target 7 Major Covid19 Vaccine Manufacturers

Adriana MaraisNovember 15, 20 data privacy, malware, Microsoft, phishing, ransomware

Microsoft has detected cyberattacks from at least three nation-state players that target seven major companies involved in vaccine research and treatment of Covid-19. Targets include pharmaceutical companies from Canada, France, India, South Korea and the United States. The cyber attacks came from Strontium, a player based in Russia, and two players in North Korea that Microsoft calls Zinc and Cerium.

According to Microsoft, Strontium uses password spray and brute force login attempts in an attempt to steal login information. Cyber attacks involve accessing user accounts using millions or thousands of quick login attempts.

Zinc, on the other hand, uses a familiar method of spear-phishing in order to steal credentials. Cyber attackers use fake emails with job descriptions and pose as recruiters. Cerium also uses a similar spear-phishing approach, but with emails containing information about Covid-19 and posing as representatives of the World Health Organization.

Microsoft said the security protection features built into its products were successful in blocking the majority of these cyber attacks. He also briefed the organizations that were targeted by these nation state actors.

Two global issues will help shape people’s memories of this time in history – Covid-19 and the increased use of the internet by malicious actors to disrupt society. It is troubling that these challenges have now merged as cyber attacks are used to disrupt healthcare organizations battling the pandemic. We believe these attacks are unacceptable and should be condemned by all of civilized society, Microsoft said in a message.

It should be noted that cyber attackers have pursued the Covid-19 pandemic to target organizations and individuals over the past few months. Just a few weeks ago, the FBI warned of a ransomware attack on America’s healthcare system. The FBI and two federal agencies have said they have “credible information about an increased and imminent cybercrime threat to US hospitals and health care providers.”

Cybercriminals have also stepped up attacks against individuals and businesses in India. Businesses in India face more cyberattacks than any other country, according to an Acronic survey.

Separately, Dr Reddy, who has a partnership to conduct clinical trials on the Russian Sputnik-V COVID-19 vaccine in India, faced a major cyberattack last month. The pharmacist quickly isolated all of his data center services as a preventive measure.