Microsoft: Russian, North Korean cyberattacks target COVID-19 vaccine efforts

Microsoft said Friday it has detected at least seven attacks on companies working to develop a COVID-19 vaccine or treatments.

Details: The company said attacks by three nation-state actors — two from North Korea and one from Russia — have targeted companies in Canada, France, India, South Korea and the United States.

What they're saying: "Two global issues will help shape people’s memories of this time in history — COVID-19 and the increased use of the internet by malign actors to disrupt society," Microsoft deputy general counsel Tom Burt said in a blog post.

• "It’s disturbing that these challenges have now merged as cyberattacks are being used to disrupt health care organizations fighting the pandemic."

Between the lines: Attackers have used a range of approaches including phishing schemes and brute force to get needed passwords, with one group tied to North Korea posing as the World Health Organization in its spear-phishing effort.

• Microsoft said its built-in security protections stopped a majority of the attacks.
• "We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help," Burt said.

The big picture: The attacks come amid growing threats to health care providers and nongovernmental agencies, including ransomware attacks against hospitals.

• Microsoft noted that it made its AccountGuard notification service available starting in April to human rights and health care organizations working on coronavirus-related efforts, signing up 195 such groups.