Russia and North Korea launch ‘disturbing’ cyberattacks on Covid vaccine labs

We will use your email address only for sending you newsletters. Please see our Privacy Notice for details of your data protection rights.

The US software giant has called the attacks “criminal activity that cannot be tolerated”, and is urging governments to act. The firm says the targets include healthcare research companies in Canada, the US, France and more.

It comes as companies around the world rush to develop vaccines and other treatments to halt the spread of COVID-19.

Microsoft has said it has detected attacks from three sources – one in Russia and two in North Korea.

It referred to the Russian actors as ‘Strontium’ and to the North Korean ones as ‘Zinc’ and ‘Cerium’.

Strikingly, it said the “majority” of the attacks targeted firms involved in vaccine development, including one conducting trials.

Microsoft said: “We think these attacks are unconscionable and should be condemned by all civilized society.

“Two global issues will help shape people’s memories of this time in history – Covid-19 and the increased use of the internet by malign actors to disrupt society.

READ: China and Russia could be banned from takeover of UK companies over national security

“It’s disturbing that these challenges have now merged as cyberattacks are being used to disrupt health care organizations fighting the pandemic.

“Today, we’re sharing more about the attacks we’ve seen most recently and are urging governments to act.”

Cyber attacks that had come from Russia tended to use what Microsoft called “brute force login attempts” in order to access information.

Boris Johnson coronavirus fears: Prime Minister breaks silence on self-isolation scare [INSIGHT]
Nigel Farage fumes at coronavirus ‘mess’ after being told to quarantine after Trump visit [ANALYSIS]
Coronavirus crisis: ‘Mammoth’ vaccine rollout may cause NHS to ‘buckle’ under pressure [INFO]

These attempts – known as password spray attacks – can use millions of password guesses in rapid succession.

The North Korea-based ‘Zinc’ and ‘Cerium’ attacks took a different approach. These took the form of phishing scams, whereby the scammers pose as someone else in order to trick the victim into giving out information.

In this case, the North Korean organisations posed as job recruiters and World Health Organisation representatives in emails.

Microsoft said it had blocked most of the attacks using security software installed in its products – though it admitted some had been successful.

The firm added: “We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help.

“We believe the law should be enforced not just when attacks originate from government agencies but also when they originate from criminal groups that governments enable to operate – or even facilitate – within their borders.”

The cyberattacks are not the only ones to have targeted healthcare organisations in recent times.

Last month, the US Cybersecurity and Infrastructure Security Agency, along with the FBI, warned of “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers”.

The warning came amid what analysts have called a “wave of ransomware attacks” which hit as many as 20 medical facilities in the country.

Tom Hottman, a spokesperson for Sky Lakes Medical Center, which was affected, told NBC News the attacks had impacted on radiation treatments for cancer patients.

He added: “We’re still able to meet the care needs for most patients using work-around procedures, i.e. paper rather than computerized records. It’s slower but seems to work.”

Source: Read Full Article