Microsoft said Friday that it has witnessed efforts by state-backed Russian and North Korean hacking groups to target and steal valuable data from pharmaceutical companies and coronavirus vaccine researchers.
“In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19,” Tom Burt, the corporate vice president of Customer Security and Trust at Microsoft, wrote in a blog post. “The attacks came from Strontium, an actor originating from Russia, and two actors originating from North Korea that we call Zinc and Cerium.”
Burt said that the targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States.
He announced that the majority of the attacks were unsuccessful and “where the attacks have been successful, we’ve offered help.” However, he did not mention how serious the breaches were.
The company said that the Strontium hacking group was using “brute force login attempts” to access credentials for accounts of companies targeted, while the two North Korean hacking groups were mainly relying on malicious phishing emails to target the companies.
News of the attempted hackings come as the US gears up to distribute the vaccine against coronavirus. Pharmaceutical company Pfizer announced this week that they produced a vaccine that was found to be more than 90% effective in preventing COVID-19, according to an early analysis that included 94 confirmed cases of coronavirus in trial participants.
The company announced that its president Brad Smith is participating in the Paris Peace Forum on Friday “where he will urge governments to do more.”
“We believe the law should be enforced not just when attacks originate from government agencies but also when they originate from criminal groups that governments enable to operate – or even facilitate – within their borders.”