Microsoft on November 13 said that it has detected cyberattacks from state-sponsored hackers, who targetted companies directly involved in developing COVID-19-related treatment. Microsoft in a blog post on Friday informed that hackers from Russia and North Korea targetted companies and vaccine researchers in Canada, France, India, South Korea, and the United States.

Attacks from Russia, North Korea

Microsoft said the attacks came from Strontium, an actor originating from Russia, and two actors Zinc and Cerium originating from North Korea. Microsoft said the majority of the targets include vaccine those involved in COVID-19 vaccine research. The American tech company said one of the firms that were targetted was involved in trials, while another one has developed the COVID-19 test.

"Strontium continues to use password spray and brute force login attempts to steal login credentials. These are attacks that aim to break into people’s accounts using thousands or millions of rapid attempts. Zinc has primarily used spear-phishing lures for credential theft, sending messages with fabricated job descriptions pretending to be recruiters. Cerium engaged in spear-phishing email lures using Covid-19 themes while masquerading as World Health Organization representatives," Microsoft said in its statement.

Several attackers have targeted healthcare organisations since the start of the pandemic, mainly using ransomware for extracting information from hospitals across the United States. Hackers have also attacked healthcare systems in France, Germany, Thailand, Spain, and the Czech Republic. The United States recently accused China of carrying out cyberattacks on American firms with an intention to steal COVID-19 vaccine research.

