Microsoft revealed that it has tracked attempts by government-funded North Korean and Russian hackers to steal classified information from top biotech and vaccine research groups.
In a blog post published Friday, the tech company said that most of the cyberattacks in recent months were not successful, but it gave out no further detail on how many succeeded or how much damage they caused.
Microsoft said three government-sponsored hacking operations have been carried out against at least seven major companies involved in coronavirus vaccine treatments and studies.
The company said seven companies in Canada, the United States, India, France, and South Korea have been targeted. But while it said it was able to block the majority of the attacks, the software company admitted that some were successful.
Microsoft said a Russian group that goes by the name "Fancy Bear" and North Korean groups called "Cerium," and "Lazarus" (a.k.a. "Zinc") were involved in the recent hacking operations. The UK's National Cyber Security Centre has previously revealed Russian hackers were going after COVID vaccine research.
Most of the breach attempts involved the theft of login details of people connected with the targeted groups. The Lazarus Group, for instance, posed as a job recruitment company while Cerium went after spear-phishing emails that cloaked itself as messages from representatives of the World Health Organization, Microsoft disclosed.
Fancy Bear may be best known for its hacking operations and misinformation campaign in the run-up to the 2016 U.S. presidential election, but it has also been tagged as the culprit behind a series of other major breaches against broadcast and media organizations and businesses.
These cyberattacks are indications of the latest in a series of hacking incidents that have targeted the healthcare sector in the ongoing global health crisis. While healthcare groups have dealt with one of the deadliest pandemics in recent decades, hacking organizations have capitalized on the pandemic to boost their operations -- sometimes immobilizing the groups that are out there to help contain the disease.
According to Microsoft's customer security and trust director Tom Burt, these attacks are "unconscionable" and should be denounced by all civilized society. Earlier this year, the Federal Bureau of Investigation and Homeland Security warned that hackers would attempt to steal COVID vaccine research data.
Several organizations such as the Oxford Institute for Ethics, Law and Armed Conflict, and the CyberPeace Institute have made appeals to the world's governments to protect healthcare groups against hackers.
