Summary List Placement
State-backed hackers are trying audacious tactics to break into the systems of COVID-19 vaccine-makers.
In a blog post Friday, Microsoft detailed several attempted cyberattacks it had detected in recent months that targeted companies working on COVID-19 vaccines and treatments. Microsoft said three state-hacking groups, one Russian and two from North Korea, conducted the attacks.
Although it did not name the targets, Microsoft said they included seven “prominent” companies involved in researching COVID-19 vaccine and treatment development across the US, Canada, France, India, and South Korea.
One of the North Korean groups, known as Cerium, tried to gain access by posing as World Health Organization officials.
“Cerium engaged in spear-phishing email lures using COVID-19 themes while masquerading as World Health Organization representatives,” Microsoft said.
Spear-phishing is a type of email scam where attackers pose as someone their target trusts to try to glean confidential information.
The other North Korean hacking group, known as Zinc, also used spear-phishing, although it chose a significantly less high-profile disguise. According to Microsoft, its hackers posed as recruiters, and sent emails with fake job descriptions.
The Russian group, named Strontium, used a brute-force technical approach known as “password spray.”
“These are attacks that aim to break into people’s accounts using thousands …read more
Source:: Businessinsider – Tech