Hackers working for the Russian and North Korean governments have targeted more than half a dozen organizations involved in COVID-19 treatment and vaccine research around the globe, Microsoft said on Friday.
The software company said a Russian hacking group commonly nicknamed “Fancy Bear” – along with a pair of North Korean actors dubbed “Zinc” and “Cerium” by Microsoft – were implicated in recent attempts to break into the networks of seven pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States.
Microsoft said the majority of the targets were organizations that were in the process of testing COVID-19 vaccines. Most of the break-in attempts failed but an unspecified number succeeded, it added.
Few other details were provided by Microsoft. It declined to name the targeted organizations, say which ones had been hit by which actor, or provide a precise timeline or description of the attempted intrusions.
Earlier in July, a Russian hacking group was accused of targeting coronavirus vaccine research in Canada, the U.S. and the U.K., according to a joint statement from the three countries’ cybersecurity agencies.
The Russian embassy in Washington – which has repeatedly disputed allegations of Russian involvement in digital espionage – said in an email on Friday that there was “nothing that we can add” to their previous denials.
North Korea’s representative to the United Nations did not immediately respond to messages seeking comment. Pyongyang has previously denied carrying out hacking abroad.
The allegations of cyber espionage come as world powers are jockeying behind the scenes in the race to produce a vaccine for the virus.
They also highlight how Microsoft is pressing its case for a new set of global rules barring digital intrusions aimed at healthcare providers.
Microsoft executive Tom Burt said in a statement his company was timing its announcement with Microsoft President Brad Smith’s appearance at the virtual Paris Peace Forum, where he would call on world leaders “to affirm that international law protects health care facilities and to take action to enforce the law.”
In May, the Communications Security Establishment (CSE) and the Canadian Security Intelligence Service warned that Canada’s research on the response to the COVID-19 pandemic is at an “elevated level of risk” for state-sponsored hacking and espionage. The agency warned organizations to take further actions to protect their information.
— With files from Andrew Russell, Global NewsView link »