Most forays stopped by security protections surrounding COVID-19 vaccine
Cyberattacks that originated in North Korea and Russia have been targeting companies conducting research for a COVID-19 vaccine and treatment, Microsoft said in a new blog post. The company says the attacks were aimed at seven leading pharmaceutical companies and researchers in the US, Canada, France, India, and South Korea.
“Among the targets, the majority are vaccine makers that have COVID-19 vaccines in various stages of clinical trials,” according to the blog post by Tom Burt, Microsoft corporate vice president of customer security and trust. Microsoft didn’t name the companies, or provide details about what information may have been stolen or compromised, but said it had notified the organizations and offered help where the attacks were successful.
According to Microsoft, the majority of the attacks were blocked by its security protections.
The hackers used various methods to carry out the attacks, according to the blog post, including brute force login attempts to steal login credentials, as well as spear-phishing attacks where the hackers posed as recruiters seeking job candidates, and as representatives of the World Health Organization.
“It’s disturbing that these challenges have now merged as cyberattacks are being used to disrupt health care organizations fighting the pandemic,” Burt wrote. “We think these attacks are unconscionable and should be condemned by all civilized society.”
The attacks come in the wake of new vaccine candidates announced by AstraZeneca, Moderna, and Pfizer during the month of November. The vaccines are thought to have efficacy of 90 percent of greater, and could see an initial rollout as soon as December. Experts believe that most of the general population will see the vaccines become available toward the middle of 2021.