Microsoft wants Russian and North Korean hacking groups to just cut it out already.
In a Nov. 13 blog post, Microsoft’s vice president of customer security and trust, Tom Burt, details repeated efforts by state-sponsored hacking groups to infiltrate companies around the globe. And unlike the popular conception of hackers targeting customers for profit, the victims this time around are working to develop vaccines and treatments for COVID-19.
Hospitals and medical researchers have, in the past, been casualties of state-sponsored hacking efforts. However, the latest efforts from one Russian and two North Korean groups — which Microsoft claims involve spear phishing and password spraying — represent the continuation of a disturbing new trend.
“Among the targets, the majority are vaccine makers that have Covid-19 vaccines in various stages of clinical trials,” writes Burt. “One is a clinical research organization involved in trials, and one has developed a Covid-19 test.”
This is not the first time we’ve heard about hackers going after coronavirus researchers. In July, the Department of Justice unsealed an indictment accusing two Chinese hackers of “[probing] for vulnerabilities in computer networks of companies developing COVID-19 vaccines, testing technology, and treatments.”
That same month, the UK’s National Cyber Security Centre published a report accusing a Russian hacking group, known as Cozy Bear, of “[targeting] various organisations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines.”
In other words, this isn’t a new problem. As such, in Friday’s blog post, Burt argues that an international coalition is needed to properly address this.
“At a time when the world is united in wanting an end to the pandemic and anxiously awaiting the development of a safe and effective vaccine for Covid-19,” writes Burt, “it is essential for world leaders to unite around the security of our health care institutions and enforce the law against cyberattacks targeting those who endeavor to help us all.”
ที่มา : Mashable