Microsoft has discovered three advanced persistent threat actors (APTs), state-backed hacking groups in other words, that are targeting researchers looking to develop a Covid-19 (opens in new tab) vaccine.
“In recent months, we’ve detected cyber attacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for Covid-19,” Tom Burt, Microsoft’s Corporate Vice President and head of the company’s Customer Security & Trust team, said (opens in new tab). “The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States. The attacks came from Strontium, an actor originating from Russia, and two actors originating from North Korea that we call Zinc and Cerium.”
Microsoft explained that targets were either Covid-19 vaccine makers, with vaccines at various stages of clinical trials, manufacturers of Covid tests or clinical research organizations. The recent attacks varied depending on which hacking group was involved.
- We've highlighted the best endpoint protection software (opens in new tab)
- We've put together a list of the best malware removal software (opens in new tab)
- These are the best VPN (opens in new tab) providers
On the attack
According to Microsoft, Strontium’s attack methods were focused around password spray and brute force login attempts. Zinc largely employed spear-phishing lures involving fake job offers, while Cerium used Covid-19 content as part of its phishing campaign, often purporting to be the World Health Organization.
Although the majority of the attacks launched by these state-sponsored groups were blocked by security software, Microsoft has implored governments around the world to condemn the attacks and enforce the international legal standards that protect healthcare facilities.
Other organizations and individuals support Microsoft’s stance, with more than 65 healthcare-related organizations signing up to the Paris Call for Trust and Security in Cyberspace (opens in new tab).
Certainly, the recent attacks emphasize that more needs to be done to prevent cyber attackers from taking advantage of pandemic-induced panic. In addition to the three state-sponsored campaigns Microsoft has discovered, healthcare organizations fighting Covid-19 in France, Spain, Germany, Thailand and the US have all have been subjected to cyber attacks this year.
- Keep your devices protected with the best antivirus (opens in new tab) software