Latest in Gear

Image credit: boonchai wedmakawand via Getty Images

Microsoft: State-backed hackers targeted COVID-19 vaccine creators

Russia and North Korea are the alleged culprits.
Jon Fingas, @jonfingas
November 14, 2020
Comments
326 Shares
Share
Tweet
Share

Sponsored Links

Researching vaccine to novel coronavirus 2019-nCoV. Close-up shot of a scientist preparing glass slide.
boonchai wedmakawand via Getty Images

State-sponsored campaigns to hack COVID-19 vaccine makers might be more commonplace than previously thought. According to ZDNet, Microsoft has detected hacks from three “nation-state actors” targeting seven pharmaceutical firms and researchers, including the US as well as Canada, France, India and South Korea. The software giant didn’t name the targets, but said the “majority” are involved in coronavirus vaccine development and research.

The campaigns reportedly come from Russia’s APT28, better known as Fancy Bear or Strontium, as well as North Korea’s Lazarus Group (aka Zinc) and a new Cerium outfit. Fancy Bear used brute force and “password spray” attempts to steal sign-in credentials, while Lazarus and Cerium have leaned on spear phishing efforts to impersonate recruiters and the World Health Organization.

Microsoft said that its products blocked most of the attempts, and that it was offering help in cases where the intruders were successful.

The news comes as Microsoft president Brad Smith is joining others in urging Paris Peace Forum countries to declare that international law protects the healthcare industry and to do a better job of enforcing that law.

As the Swiss Federal Institute of Technology’s Stefan Soesanto told ZDNet, however, Microsoft might not find a receptive audience. Many countries don’t have the legal resources to protect healthcare, while others aren’t interested or are launching hacks themselves. For now, vaccine researchers may have to rely on their own defenses to protect sensitive medical data against theft.

In this article: Microsoft, APT28, Fancy Bear, Russia, north korea, zinc, Lazarus Group, Covid-19, coronavirus, Vaccine, vaccines, Health, Medicine, security, Strontium, Cerium, spear phishing, gear
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
326 Shares
Share
Tweet
Share

Popular on Engadget

Two weeks with Apple Fitness+

Two weeks with Apple Fitness+

View
2021 could be a great year for 'alternative' consoles

2021 could be a great year for 'alternative' consoles

View
Pixel phones only use Adaptive Charging if your alarm is set between certain hours

Pixel phones only use Adaptive Charging if your alarm is set between certain hours

View
Watch the Boston Dynamics robot family dance like 2020 was a good year

Watch the Boston Dynamics robot family dance like 2020 was a good year

View
A Redditor is squeezing entire movies onto a single floppy disk

A Redditor is squeezing entire movies onto a single floppy disk

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr