Attacks launched by Russian and North Korean hackers

Nov 13, 2020 17:06 GMT

With one month left in a year we all want to forget as soon as possible, one of the best things we can do right now is look back at what we did wrong and hope to do better in the future, so that we have a chance to avoid the mistakes that end up costing humanity way too much.

And yet, during these difficult times, there are still malicious actors out there trying to disrupt global efforts meant to do good.

And Microsoft claims it knows who they are and what they want to do.

In a detailed press release published earlier this month, Microsoft says it observed cyber attacks launched by hacking groups linked to Russia and North Korea, and unfortunately for all of us, their purpose was to disrupt the development of a COVID-19 vaccine.

Microsoft says some of the attacks came from Russia and were launched by Strontium, a hacking group already involved in several other malicious practices that were eventually linked with Moscow, while others were initiated from North Korea and the involved actors were Zinc and Cerium.

“In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for Covid-19. The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States,” Microsoft warns.

Microsoft says almost all targets in these recent attacks are in one way or another involved in the fight against the new coronavirus, so a successful exploit could have devastating effects not only for the companies that are now working on a vaccine but for the entire planet too.

“Among the targets, the majority are vaccine makers that have Covid-19 vaccines in various stages of clinical trials. One is a clinical research organization involved in trials, and one has developed a Covid-19 test. Multiple organizations targeted have contracts with or investments from government agencies from various democratic countries for Covid-19 related work,” Microsoft explains.

The tactics the hackers have turned to aren’t new, but as we know already, some organizations could fall victim even to the simplest attack.

The Russian hackers mostly rely on password spraying and brute-force attempts to steal login credentials to protected resources. North Korean malicious actors, on the other hand, rely on spear-phishing that could eventually help them steal credentials, and they do this with the help of emails claiming to come from recruiters.

Cerium has tried to use a COVID-19-related tactic, sending emails pretending to come from WHO officials and trying to steal the credentials of their targets.

While Microsoft says its security products managed to block these attempts, it also warns that a growing number of attacks are aimed at companies trying to help the planet by developing a vaccine.

“These are just among the most recent attacks on those combating Covid-19. Cyberattacks targeting the health care sector and taking advantage of the pandemic are not new. Attackers recently used ransomware attacks to target hospitals and healthcare organizations across the United States,” the company says.

“Earlier in the pandemic, attacks targeted Brno University Hospital in the Czech Republic, Paris’s hospital system, the computer systems of Spain’s hospitals, hospitals in Thailand, medical clinics in the U.S. state of Texas, a health care agency in the U.S. state of Illinois and even international bodies such as the World Health Organization. In Germany, we recently saw the resulting threat to human health become tragic reality when a woman in Dusseldorf reportedly became the first known death as a result of a cyberattack on a hospital.”

Needless to say, organizations need to implement additional security protections, especially because it’s pretty clear the malicious actors won’t stop no matter what. And now that we’re getting closer to the first vaccine finally getting the go-ahead, expect their efforts to gain more traction.