BOSTON – Microsoft said it has detected attempts by state-backed Russian and North Korean hackers to steal valuable data from leading pharmaceutical companies and vaccine researchers.
It said in a blog post Friday that most of the attacks in recent months were unsuccessful, but provided no information on how many succeeded or how serious those breaches were.
Chinese state-backed hackers have also been targeting vaccine-makers, the U.S. government said in July while announcing criminal charges.
Microsoft said most of the targets — located in Canada, France, India, South Korea and the United States — were “directly involved in researching vaccines and treatments for COVID-19.” It did not name the targets but said most had vaccine candidates in various stages of clinical trials.
The company identified one of the state-backed hacker groups as Fancy Bear, the Russian military agents who Britain’s National Cyber Security Center said in July were behind such intrusion attempts. Two others were North Korea’s Lazarus Group and a group Microsoft calls Cerium.
Most of the break-in efforts involved attempts to steal the login credentials of people associated with the targeted organizations. The Lazarus Group posed as job recruiters while Cerium targeted spear-phishing emails that masqueraded as missives from World Health Organization representatives, Microsoft said.
The blog post coincided with an appearance by Microsoft president Brad Smith at an international forum calling on nations to protect health care facilities from cyberattacks. This year, the Paris Peace Forum is taking place online.
Optimism about a COVID-19 vaccine has grown since pharmaceutical giant Pfizer announced earlier this week that preliminary data showed its vaccine to be 90% effective.
At the same time, coronavirus cases are surging. In the U.S., deaths per day have soared more than 40% over the past two weeks to an average of more than 1,100, the highest level in three months.