Technology giants Microsoft has said it has spotted three state-sponsored hacking operations, or APTs, that have targeted as many as seven leading companies involved in the research and manufacturing of Covid-19 vaccines.
The software behemoth traced the attacks back to one cybercriminal in Russia and two North Korean hacking groups.
Called Strontium (aka Fancy Bear, APT28), the Russian group has hired password spraying and brute-force login attempts to gain login credentials, infiltrate victim accounts, and make off with important information.
The first North Korean group, known as Zinc (or the Lazarus Group), has chiefly depended on spear-phishing email drives by sending messages with fictitious job descriptions, feigning to be recruiters, and targeting employees working at the targeted companies.
The second North Korean cybercriminal, known as Cerium, seems to be a new group, which is said to be engaged in spear-phishing attacks.
The company says these attacks targeted vaccine makers that have coronavirus vaccines in several stages of medical trials, a clinical research organization engaged in trials, and one that developed a COVID-19 test.
According to Microsoft, the companies were located in Canada, France, India, South Korea, and the United States.
These attacks epitomize just the latest in a long line of events that have beset healthcare organizations during one of the most annoying times in recent years. While healthcare organizations have been grappling with one of the most prevalent epidemics in recent decades, hacking groups have exploited the global calamity to raise their activity, occasionally targeting the organizations that were supposed to help battle the coronavirus.