
Microsoft Says North Korea And Russia Are Trying To Hack Into Covid Vaccine Research


North Korea and Russia are attempting to hack some of the world’s most prominent coronavirus vaccine research, Microsoft revealed on Friday.

Tom Burt, Microsoft vice president of customer security and trust, wrote in a blog post that government hackers from both countries have, in recent months, targeted seven companies in the U.S., Canada, France, India, and South Korea involved in researching vaccines and treatments for COVID-19. While a majority of the attacks were blocked, Microsoft acknowledged that some attempts were successful. 

“The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States. The attacks came from Strontium, an actor originating from Russia, and two actors originating from North Korea that we call Zinc and Cerium,” Burt’s blog post read. “The majority of these attacks were blocked by security protections built into our products. We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help.”

The tech giant has explicitly called out three distinct hacker groups for organizing the attacks. The Russian group, which Microsoft calls Strontium but is better known as APT28 or Fancy Bear, used password spraying attacks, which often involve recycled or reused passwords, to target its victims. Fancy Bear was also involved in hacking operations in the run-up to the 2016 presidential election. The group has also been in the spotlight for carrying out attacks on a string of other high-profile media outlets and businesses.

The other two groups are backed by the North Korean government. Zinc - as Microsoft calls it - is better known as the Lazarus Group. It used targeted spearphishing emails disguised as recruiters to steal passwords from victims. Lazarus was infamously blamed for the Sony hack in 2016 and the WannaCry ransomware attack in 2017. It has also been accused of numerous other malware-driven attacks.

Little is known about the North Korean-backed hacker group that Microsoft calls Cerium. The group also used spearphishing emails, pretending to be representatives from the World Health Organization, for its hacking operation. Burt mentioned that it was the first time Microsoft had referenced Cerium, but he did not get into details about the group.

Government hackers targeting vaccine research are widely perceived to be conducting espionage for their own countries' vaccine efforts. No evidence shows that the hacking attempts are meant to cause intentional damage to the targeted organizations. Nevertheless, according to John Hultquist, the director of intelligence analysis at the cybersecurity company Mandiant Solutions, the operations can still damage vaccine research.

"North Korean actors have a history of carrying out an intrusion and then carrying out a destructive attack to make the forensic work very difficult. The idea that they could steal some covid-19 research and carry out a destructive attack is pretty serious," Hultquist says.

Microsoft president Brad Smith is now expected to address this issue at the Paris Peace Forum. According to reports, Smith will urge governments to adopt more drastic measures to combat cyberattacks against the healthcare sector.