Russian and North Korean hackers target Covid 19 vaccine researchers

We are in the middle of the second Wave of the Coronavirus around the world. Those infected soar, and although we have the good news about the vaccines from the Pfizer company and the Moderna company, it will still take weeks, months, to see the results. Therefore, other companies continue to work on their own vaccines is a priority. But some are suffering inexplicable cyberattacks with the sole purpose of harming not those companies themselves, but the entire world.

Cyber ​​attacks against pharmaceutical companies and researchers

Cyber ​​attacks are being used to annoy health care organizations fighting the pandemic. Attacks that the Microsoft security team has analyzed and they tell us in an official post on their blog which groups are attributed to. In recent months, “we have detected cyberattacks by three cybergroups targeting seven major companies directly involved in the research of vaccines and treatments for Covid-19 “. Among the targets are major pharmaceutical companies and vaccine researchers from Canada, France, India, South Korea and the United States.

The attacks came from the hacker group Strontiun, originally from Russia, and two groups from North Korea that Microsoft calls Zinc and Cerium. Among the objectives of these three groups is the majority attack on vaccine manufacturers who have Covid-19 vaccines in various stages of clinical trials. One is a clinical research organization participating in the trials, and another has developed a test for Covid-19.

Password Spray

The Russian group Strontium eyou are using for your cyberattacks the ‘Password Spray’ technique and attempts to brute force access (Brute Force), to steal access credentials. These are attacks that aim to break into people’s accounts using thousands or millions of quick attempts to find one that works.

North Korean Zinc Group has mainly used Phishing ‘hooks’ to steal credentials, sending messages with fabricated job descriptions pretending to be recruiters.

The North Korean group Cerium He engaged in phishing hooks from fake emails using Covid-19 themes while posing as representatives of the WHO, the World Health Organization.

Most of these attacks were blocked by the security protections that Microsoft has implementedt, notifying all target organizations of what happened. Although also “there have been cases in which the attacks have been successful”, at which time “we have offered help” to the affected companies.

Cyberattacks against Hospitals

These are just some of the most recent attacks on those fighting Covid-19, but the truth is that cyberattacks targeting the health sector and taking advantage of the pandemic are not new, since We have been suffering from it since the beginning of it in February – March. Cybercriminals have targeted hospitals and healthcare organizations across the United States. Previously, during the pandemic, attacks were directed against:

– The Brno University Hospital in the Czech Republic

– The Paris hospital system

– The computer systems of hospitals in Spain

– Hospitals in Thailand

The medical clinics of the US state of Texas, a health care agency of the US state of Illinois and even international organizations such as the World Health Organization.

– In GermanyWe recently saw the resulting threat to human health become a tragic reality when a woman in Dusseldorf reportedly became the first known death as the result of a cyberattack on a hospital.