(Photo by Joe Raedle/Getty Images) As the US closes in on a COVID-19 vaccine, state-sponsored hackers from Russia and North Korea have been spotted trying to steal the research, Microsoft claims. “In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19,” Microsoft VP for Security Tom Burt wrote in a blog post on Friday. The company alleges one of the hacking groups is Fancy Bear, which is best known for breaking into the Democratic National Committee in 2016. The other two actors have been dubbed “Zinc” and “Cerium,” and both allegedly originate from North Korea. According to Microsoft, the state-sponsored hackers have targeted pharmaceutical companies and vaccine researchers based in Canada, France, India, South Korea, in addition to the US. “Among the targets, the majority are vaccine makers that have COVID-19 vaccines in various stages of clinical trials,’ Burt said, without naming the companies. “One is a clinical research organization involved in trials, and one has developed a COVID-19 test.” The bad news is that in some cases the hacking attempts were successful, although Microsoft blocked most of the attacks. “We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help,” Burt added. Microsoft didn’t say how it attributed the attacks to the state-sponsored groups. But in Fancy Bear’s case, the hackers have been using automated computer programs capable of inputting thousands of password combinations to break into people’s accounts. The North Korean hackers, on the other hand, have been spotted sending out spear-phishing emails, which can trick recipients into downloading malware or visiting a malicious website. The emails include pretending to be job recruiters or representatives of the World Health Organization. Microsoft revealed the findings to underscore why the world needs an international treaty banning cyberattacks against the healthcare industry. “We think these attacks are unconscionable and should be condemned by all civilized society,” Burt said. Microsoft President Brad Smith is participating in today’s Paris Peace Forum to lobby world governments for such a pact. In the meantime, the company has been offering healthcare organizations free access to Microsoft’s threat detection service known as AccountGuard. “Any health care-related organizations that wish to enroll can do so here,” Burt said. In July, cyber authorities in the US, UK, and Canada claimed another Russian hacking group, Cozy Bear, was also going after COVID-19 vaccine research. One of the group’s tactics has involved scanning the victim’s computer networks for publicly known vulnerabilities, and then trying to exploit them.
Wir nutzen Cookies auf unserer Website. Einige von ihnen sind essenziell für den Betrieb der Seite, während andere uns helfen, diese Website und die Nutzererfahrung zu verbessern (Tracking Cookies). Sie können selbst entscheiden, ob Sie die Cookies zulassen möchten. Bitte beachten Sie, dass bei einer Ablehnung womöglich nicht mehr alle Funktionalitäten der Seite zur Verfügung stehen.
(Photo by Joe Raedle/Getty Images) As the US closes in on a COVID-19 vaccine, state-sponsored hackers from Russia and North Korea have been spotted trying to steal the research, Microsoft claims. “In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19,” Microsoft VP for Security Tom Burt wrote in a blog post on Friday. The company alleges one of the hacking groups is Fancy Bear, which is best known for breaking into the Democratic National Committee in 2016. The other two actors have been dubbed “Zinc” and “Cerium,” and both allegedly originate from North Korea. According to Microsoft, the state-sponsored hackers have targeted pharmaceutical companies and vaccine researchers based in Canada, France, India, South Korea, in addition to the US. “Among the targets, the majority are vaccine makers that have COVID-19 vaccines in various stages of clinical trials,’ Burt said, without naming the companies. “One is a clinical research organization involved in trials, and one has developed a COVID-19 test.” The bad news is that in some cases the hacking attempts were successful, although Microsoft blocked most of the attacks. “We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help,” Burt added. Microsoft didn’t say how it attributed the attacks to the state-sponsored groups. But in Fancy Bear’s case, the hackers have been using automated computer programs capable of inputting thousands of password combinations to break into people’s accounts. The North Korean hackers, on the other hand, have been spotted sending out spear-phishing emails, which can trick recipients into downloading malware or visiting a malicious website. The emails include pretending to be job recruiters or representatives of the World Health Organization. Microsoft revealed the findings to underscore why the world needs an international treaty banning cyberattacks against the healthcare industry. “We think these attacks are unconscionable and should be condemned by all civilized society,” Burt said. Microsoft President Brad Smith is participating in today’s Paris Peace Forum to lobby world governments for such a pact. In the meantime, the company has been offering healthcare organizations free access to Microsoft’s threat detection service known as AccountGuard. “Any health care-related organizations that wish to enroll can do so here,” Burt said. In July, cyber authorities in the US, UK, and Canada claimed another Russian hacking group, Cozy Bear, was also going after COVID-19 vaccine research. One of the group’s tactics has involved scanning the victim’s computer networks for publicly known vulnerabilities, and then trying to exploit them.