Microsoft recently mentioned that its security team managed to detect several hacking operations launched on companies developing COVID-19 vaccines, treatments, and research.
The interesting part about Microsoft’s statement was that the cyberattacks were state-sponsored. The US-based technology company further traced these cyberattacks to North Korea and Russia.
The hacker group from Russia goes by the names of Strontium and Fancy Bear among many others employed brute-force and password spraying methods to launch login attempts and steal login credentials using which they could break into several accounts and transfer sensitive data without proper authorization.
As far as the group from North Korea is concerned, it also goes by several names, two of which are the Lazarus Group and Zinc. This group, in contrast to the hacker group from Russia, made use of spear-phishing email campaigns.
Usually, hacker groups launch these by first shooting out messages that contain fake job descriptions. Such groups also pose as recruiters and are hence able to get to different employees working for a given victim company with relative ease.
Another group that also tried to damage companies involved in making COVID-19 vaccines from North Korea goes by the name of Cerium. According to Microsoft, this hacker group is the youngest of the three groups that launched cyberattacks against US COVID-19 research companies. Cerium utilized spear-phishing cyber attacks to hurt COVID-19 companies.
In these types of attacks, hackers make use of lure emails. Hackers essentially pose as workers from organizations such as WHO and send COVID-19-themed email messages to companies they want to target.
Microsoft also revealed that the groups mentioned above specifically went after vaccine makers in the US (and some countries in Europe) that had managed to get ahead in reaching the clinical trial phases of potential COVID-19 vaccines. More specifically, these groups targeted a research organization that had done extensive research in clinical trials and another company that had successfully developed a working COVID-19 test.
Tom Burt, the current Corporate Vice President of Customer Security and Trust at Microsoft, mentioned that even though hackers tried to damage many other health organizations and companies, the vast majority were in the business of COVID-19 vaccine making. Microsoft, however, did not mention any names of the companies that had been affected by the cyberattacks.
The official blog post about the subject did not give any kind of details regarding the extent of the attack or the information that hackers may or may not have managed to compromise or steal from COVID-19 vaccine-making companies.
Microsoft did say that the company had sent notifications to the companies that may have been affected and where applicable also offered its own expertise on the recovery process. The blog further explained that Microsoft security products had provided enough protection to the targeted companies that the majority of them managed to block the above-mentioned cyber attacks from hacker groups belonging to North Korea and Russia.
In the blog post, Burt wrote that Microsoft found it disturbing that such security challenges had now emerged where cyberattacks were now beginning to disrupt organizations involved in providing health care and fighting the COVID-19 virus.
Furthermore, he said via the blog post, the company found all such cyberattacks as unconscionable and should be condemned by all civilized society.
As far as the US is concerned, the total number of new coronavirus cases per day continues to rise in all parts of the country. BioNTech and Pfizer, however, have shown promising COVID-19 vaccine candidates which are 90 percent effective in preventing any COVID-19 symptoms in various clinical trials.
Note:
Readers should understand that no independent researcher has yet examined the preliminary data regarding these COVID-19 vaccines though health experts have termed the new vaccine candidates as extremely encouraging news.Another COVID-19 vaccine candidate from another company, Moderna, will soon release data regarding its efficacy.
Conclusion
Recent cyberattacks launched against health organizations can disrupt their operations in bringing a working COVID-19 vaccine quickly to the market since instead of spending resources to fight the pandemic, treating patients, and developing a vaccine, health organizations have to focus on cybersecurity and prevent ransomware attacks.
Even before the latest round of attacks, hospitals in Thailand, Spain, Germany, and the US had to deal with ransomware attacks which hampered their ability to provide healthcare services. Consequently, health organizations have requested governments to implement harsher rules, regulations, and principles to prevent cyberattacks from damaging them in the first place and/or punish the organizations behind them.
