Microsoft announces that 'Russia and North Korea have hacked research organizations related to the new coronavirus'



Microsoft has announced that North Korean and Russian hacker organizations have launched cyberattacks targeting 'organizations researching vaccines and treatments for Coronavirus disease (COVID-19).' According to Microsoft, cyberattacks have targeted seven major pharmaceutical companies and individual researchers in the United States, Canada, France, India and South Korea.

Cyberattacks targeting health care must stop --Microsoft on the Issues
https://blogs.microsoft.com/on-the-issues/2020/11/13/health-care-cyberattacks-covid-19-paris-peace-forum/


Microsoft that are cited as the main culprit of cyber attacks, the Russian government is of the hacker organization to help Strontium (aka Fancy Bear and, APT28), the North Korean government of hacker organizations that support Zinc (aka Lazarus Group , Hidden Cobra) and It is ' Cerium '.

The majority of targets are vaccine manufacturers that are already in the clinical trial stage for research on the new coronavirus vaccine. In addition, clinical research organizations involved in the test and manufacturers who developed tests for the new coronavirus are also targeted. Also, some targets are backed up by government agencies.

Strontium is said to be stealing login credentials with a ' password spray attack ' that attacks a combination of ID and password in a brute force manner. In addition, Zinc and Cerium are said to be stealing their credentials by conducting phishing attacks that send malicious files and links to individual researchers by email disguised as related parties. However, Microsoft claims that most of these attacks were blocked by Microsoft security protections and provided support if the attacks were successful.

Cyberattacks targeting these healthcare facilities are nothing new. There have already been multiple reports of hospitals being selected as targets for ransomware attacks that restrict access to the system and demand a ransom, and in September 2020 the system was locked by a ransomware attack and patient acceptance was accepted. As a result of being unable to do so, a patient who was being transported by an ambulance died.

The first case of a patient dying as a result of a hospital being hit by a ransomware is reported-GIGAZINE



It has also been found that The Duke (also known as APT29), a hacker organization supported by the Russian government like strontium, has hacked targets of organizations involved in the development of the new coronavirus vaccine.

Report that a group of hackers whispering Russian government involvement is hacking a research organization for the new coronavirus vaccine --GIGAZINE



'We believe that cyberattacks that confuse medical institutions fighting pandemics are out of the ordinary and should be blamed by all civilized societies,' Microsoft said. He urges that medical facilities should not be targeted by cyber attacks.

in Security, Posted by log1i_yk