Skip to main content

Coronavirus vaccine researchers are being targeted by cyberattacks

Pharmaceutical companies and vaccine researchers working on a coronavirus vaccine have been the target of hacking attacks, a new report from Microsoft says. The company says these attacks are coming from nation-states, and it condemns the attacks and calls on other states to condemn them too.

Microsoft said in a blog post by Tom Burt, Corporate Vice President, Customer Security & Trust, that it has detected cyberattacks targeting both pharmaceutical companies and researchers in Canada, France, India, South Korea, and the U.S. Most of the attacks targeted organizations that were in the process of developing a coronavirus vaccine, especially those who were currently performing clinical trials.

Recommended Videos

“Among the targets, the majority are vaccine makers that have COVID-19 vaccines in various stages of clinical trials,” Burt wrote. “One is a clinical research organization involved in trials, and one has developed a COVID-19 test. Multiple organizations targeted have contracts with or investments from government agencies from various democratic countries for COVID-19 related work.”

Please enable Javascript to view this content

Microsoft says the attacks came from three actors: Strontium from Russia and two groups from North Korea named Zinc and Cerium. Each group has its own preferred method of hacking, with Strontium using brute force login attempts, in which computers generate and automatically test millions of passwords with the hope that they will happen upon a working password by chance which can then be used to access the system.

Zinc prefers to use spear phishing, in which a particular person, usually someone high up in an organization, is targeted with a phishing attack tailored to their personal situation. Microsoft gave the example of pretending to be a recruiter and emailing someone with what appears to be a job offer to lure them into sharing their credentials.

Cerium also used spear phishing, but instead of pretending to be a recruiter, they pretended to be representative of the World Health Organization and lured people in by discussing themes related to coronavirus.

Microsoft says it blocked many of these attacks with the security protections that are a part of its products and has offered to help organizations where attacks did get through. The company is also urging international leaders to be more proactive in protecting healthcare workers and researchers from cyberattacks.

Georgina Torbet
Georgina has been the space writer at Digital Trends space writer for six years, covering human space exploration, planetary…
Shortage of laptops and PC components won’t be cleared until 2022
A top-down view of the Surface Laptop Go.

This year saw a large boom in sales of laptop and desktop computers, and many hardware manufacturers are still months behind fulfilling their orders and not expected to clear the backlog until 2022, Reuters reports.

With the global pandemic of coronavirus causing a huge surge in both remote learning and working from home, people across the globe have been purchasing laptops and desktops at a higher level than any time for more than a decade. At the same time that people were buying more computers, sales of smartphones slumped, as many decided to put off upgrading their handheld devices and instead spend their money on a larger device that was more useful for work or school.

Read more
If you’re after a PS5, you might have a chance to get one from Target tomorrow
Playstation 5 with disk drive

Playstation 5 with disk drive Sony

If you've been wanting a PlayStation 5 but haven't been able to get one this holiday season due to shortages, then good news -- you may have the chance to buy one at Target tomorrow.

Read more
Are you using any of these browser extensions? Uninstall them now
Microsoft Edge browser on a computer screen.

Extensions and add-ons are a great way to get more out of your browser, but they also offer a convenient route for cybercriminals to perform a variety of nefarious acts that could threaten the security of your PC and online activities.

Security firm Avast said this week that it has identified malicious software hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions. Stats from the web stores suggest the extensions have received 3 million downloads globally.

Read more