Microsoft: Russian, North Korean Cyberattacks Target COVID-19 Vaccine Efforts

Microsoft said Friday it has detected at least seven attacks on companies working to develop a COVID-19 vaccine or treatments. From a report: The company said attacks by three nation-state actors — two from North Korea and one from Russia — have targeted companies in Canada, France, India, South Korea and the United States. “Two global issues will help shape people’s memories of this time in history — COVID-19 and the increased use of the internet by malign actors to disrupt society,” Microsoft deputy general counsel Tom Burt said in a blog post. “It’s disturbing that these challenges have now merged as cyberattacks are being used to disrupt health care organizations fighting the pandemic.” Attackers have used a range of approaches including phishing schemes and brute force to get needed passwords, with one group tied to North Korea posing as the World Health Organization in its spear-phishing effort. Microsoft said its built-in security protections stopped a majority of the attacks. “We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help,” Burt said.