Hackers are targeting prominent Covid-19 vaccine and drug makers: Microsoft

Hemani Sheth Mumbai | Updated on November 15, 2020

State-sponsored actors are increasingly targeting prominent companies involved in Covid-19 drug and vaccine development, warned Microsoft.

“In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for Covid-19,” Microsoft said in a blog post published earlier this week.

The tech giant said that cybercriminals were targeting leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States. These cyber-attacks came from Strontium, a threat actor originating from Russia, and two actors originating from North Korea dubbed Zinc and Cerium.

“Among the targets, the majority are vaccine makers that have Covid-19 vaccines in various stages of clinical trials. One is a clinical research organization involved in trials, and one has developed a Covid-19 test. Multiple organisations targeted have contracts with or investments from government agencies from various democratic countries for Covid-19 related work,” said Microsoft.

Strontium is using techniques such as password spraying and brute force login attempts to steal login credentials, while Zinc primarily relies on spear-phishing for credential theft. Cerium is also engaged in spear-phishing leveraging Covid-19 themed emails to lure victims while masquerading as World Health Organization representatives.

“We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help,” Microsoft said.

Similar attacks

Multiple cyberattacks on health systems have been reported in the past few months. Cybersecurity agencies across the globe have put out alerts and advisories for password spraying and phishing attacks on companies involved in Covid-19 vaccine and treatment development.

Most recently, in one of the first major hacking incidents in India, Dr Reddy Laboratories -- which is set to complete phase two trials of Covid vaccine candidate Sputnik V from Russia in India-- reported a hacking incident.

“In the wake of a detected cyber-attack, we have isolated all data centre services to take required preventive actions,” the company had informed the BSE last month.

Earlier this month, drugmaker Lupin also confirmed an “information security incident” that had affected its IT systems as per previous reports.

Multiple reports of cyber-attack from the United States linked to research facilities involved in developing vaccines against Covid-19 were also reported recently.

Published on November 15, 2020

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

This article is closed for comments.
Please Email the Editor