Tom Burt, corporate vice president for Microsoft's customer security and trust explains recent cyberattacks by Russian and North Korean actors against pharmaceutical companies and researchers racing to develop COVID-19 vaccine in the Microsoft website on Friday. (Screen captured from Microsoft blog)
WASHINGTON -- US tech giant Microsoft has detected cyberattacks from three foreign entities, including two from North Korea, against companies and research institutes working to develop a COVID-19 vaccine, a company official said Friday, urging government action to protect such facilities.
“In recent months, we‘ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19,” Tom Burt, vice president for customer security and trust, wrote in a blog posted on the Microsoft website.
Burt said the seven companies included “leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States.”
“The attacks came from Strontium, an actor originating from Russia, and two actors originating from North Korea that we call Zinc and Cerium,” he added.
The Microsoft official said North Korean hackers used spear-phishing emails, “masquerading as World Health Organization representatives” to break into those companies and steal their information.
“The majority of these attacks were blocked by security protections built into our products. We’ve notified all organizations targeted, and where attacks have been successful, we‘ve offered help,” he wrote.
Burt insisted the recent attacks against vaccine developers are “unconscionable and should be condemned by all civilized society.”
“Microsoft is calling on the world’s leaders to affirm that international law protects health care facilities and to take action to enforce the law,” he added.
North Korea is said to maintain an army of up to 6,000 hackers, with most of them based in other countries, including China and Russia.
The communist state has often been implicated in cyberattacks aimed at stealing money from banks and other financial institutions around the globe. (Yonhap)