Microsoft has not revealed the name of the targets. But it has revealed that all these companies are either involved in vaccine trial or developing a Covid-19 test etc.
Hindustan Times, New Delhi | By hindustantimes.com | Edited by Poulomi Ghosh
UPDATED ON NOV 13, 2020 10:14 PM IST
Hackers from Russia and North Korea are trying to steal valuable data from pharmaceutical companies engaged in vaccine research and development, Microsoft has said in a blog post on Friday. Most of the attacks were unsuccessful, it said but there is no data on how serious are these attacks and whether any of these attacks met success.
Here is all you need to know
1. Microsoft has identified three attackers: Strontium from Russia and Zinc and Cerium from North Korea.
2. The targets are seven prominent companies in Canada, France, India, South Korea and the US.
3. Microsoft has not revealed the name of the targets. But it has revealed that all these companies are either involved in vaccine trial or developing a Covid-19 test etc.
4. Elaborating on how these hackers are operating, Microsoft said Strontium continues to use password spray (an attack that attempts to access a large number of accounts with a few commonly used passwords) and brute force (guessing the password) login attempts to steal login credentials.
5. Zinc has primarily used spear-phishing (targeted hacking which sends personal emails pretending to know the user), sending messages with fabricated job descriptions pretending to be recruiters. Cerium is masquerading as World Health Organization representatives.
Chinese state-backed hackers have also been targeting vaccine-makers, the US government said in July while announcing criminal charges.
(With Agency Inputs)