Cyberattacks that originated in North Korea and Russia have been targeting companies conducting research for COVID-19 vaccines and treatments, Microsoft said in a new blog post. The company says the attacks were aimed at seven leading pharmaceutical companies and researchers in the US, Canada, France, India, and South Korea.
“Among the targets, the majority are vaccine makers that have COVID-19 vaccines in various stages of clinical trials,” according to the blog post by Tom Burt, Microsoft corporate vice president of customer security and trust. Microsoft didn’t name the companies, or provide details about what information may have been stolen or compromised, but said it had notified the organizations and offered help where the attacks were successful.
According to Microsoft, the majority of the attacks were blocked by its security protections.
The hackers used various methods to carry out the attacks, according to the blog post, including brute force login attempts to steal login credentials, as well as spear-phishing attacks where the hackers posed as recruiters seeking job candidates, and as representatives of the World Health Organization.
“It’s disturbing that these challenges have now merged as cyberattacks are being used to disrupt health care organizations fighting the pandemic,” Burt wrote. “We think these attacks are unconscionable and should be condemned by all civilized society.”
New coronavirus cases are on the rise across the US and other parts of the world, but there are some promising signs in the development of a vaccine. Pfizer and BioNTech announced their vaccine was 90 percent effective at preventing symptomatic COVID-19 in clinical trials. That preliminary data hasn’t been examined by independent researchers yet, but experts called the news “extremely encouraging.” And a vaccine candidate from Moderna is expected to release initial data soon.