Coronavirus in numbers

Russian and North Korean hackers attempting to steal valuable vaccine data, says Microsoft

US government previously warned Chinese hackers were attempting to steal vaccine information

Matt Mathers@MattEm90
Friday 13 November 2020 15:48

Russian and North Korean hackers have attempted to steal "valuable" coronavirus vaccine data, Microsoft has said.

State-backed actors tried to obtain information from pharmaceutical companies and vaccine researchers working on the jab, the firm added.

Microsoft wrote in a blog post on Friday that most of the attacks in the past few months have been foiled.

The tech giant did not elaborate on whether the hackers had made any successful attempts at breaching the companies' IT systems or put a figure on how many attacks had taken place.

It comes just a day after Dr Anthony Fauci announced that a vaccine programme would be rolled in the US by December, with ordinary Americans getting the shot by spring.

Dr Fauci also said that the US is about to approve a second vaccine, following Pfizer and BioNTech's breakthrough earlier this week.

Most of the companies and researchers targeted by the hackers were based in Canada, France, India, South Korea and the United States, according to Microsoft.

The targets, which Microsoft has not named, were “directly involved in researching vaccines and treatments for COVID-19" and most had candidates in various stages of clinical trials.

Microsoft cyber security experts identified Russia's state-backed hacking outfit, Strontium, as one of the groups trying to steal information.

“Strontium continues to use password spray and brute force login attempts to steal login credentials,” said Tom  Burt, Microsoft’s vice president of customer security.

“These are attacks that aim to break into people’s accounts using thousands or millions of rapid attempts.”

A group named Zinc a second known as Cerium were behind the North Korean efforts to compromise companies’ networks.

“Zinc has primarily used spear-phishing lures for credential theft, sending messages with fabricated job descriptions pretending to be recruiters,” Mr Burt added.

“Cerium engaged in spear-phishing email lures using Covid-19 themes while masquerading as World Health Organization representatives. The majority of these attacks were blocked by security protections built into our products.”

Mr Burt said all the targeted organisations have been notified and offered help to bolster their security systems.

Russian hackers attempted to steal information from companies and researchers based in Britain, the UK's National Cyber Security Center said in July.

China has also launched an online campaign to steal information, according to the US government, which announced charges in July.

While virus vaccine hope is running high, the coronavirus continues to rip through huge swathes of the US.

Health officials on Thursday reported some 163,000 new infections in the previous 24 hours - a new daily record, according to New York Times data. 

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments