Russian and North Korean hackers tried to steal Covid vaccine secrets from SEVEN companies across world, Microsoft says

THREE hacking groups launched cyber attacks in a disturbing bid to steal Covid vaccine secrets, Microsoft says.

According to the US tech giant, one of the groups is backed by Vladimir Putin's Kremlin while the other two are from North Korea.

⚠️ Read our coronavirus live blog for the latest news & updates

Microsoft said it has detected attempts by the rogue hackers to steal valuable data from leading pharmaceutical companies and vaccine researchers.

It said in a blog post today that most of the attacks in recent months were unsuccessful, but provided no information on how many succeeded or how serious those breaches were.

The cyber raids targeted vaccine manufacturers, a clinical research firm and one that developed a coronavirus test, Microsoft said.

It did not name the targets but said most had vaccine candidates in various stages of clinical trials.

The companies were located in the US, Canada, India, South Korea and France, the tech firm says.

One of the hacking groups involved is the infamous 'Fancy Bear' – a Russian military asset which previously attacked the German parliament.

Two others were North Korea's 'Lazarus Group' and a group Microsoft calls 'Cerium'.

In July, another Russian group 'Cozy Bear' was identified by UK cyber cops as being behind similar assaults on British companies developing vaccines.

The break-in efforts revealed by Microsoft involved attempts to steal the login credentials of people associated with the targeted organisations.

The Lazarus Group posed as job recruiters while Cerium used spear-phishing emails masquerading as messages from World Health Organization staff, Microsoft said.

The blog post coincided with an appearance by Microsoft president Brad Smith at the Paris Peace Forum calling on nations to protect health care facilities from cyberattacks.

Optimism about a Covid-19 vaccine has grown since pharmaceutical giant Pfizer announced this week that data showed its remedy to be 90 per cent effective.

At the same time, coronavirus cases are surging around the world.

In the US, deaths per day have soared more than 40 per cent over the past two weeks to an average of more than 1,100, the highest level in three months.

And in Europe, both France and England have imposed national lockdowns to curb the spread of the killer respiratory disease.


Who are Russian hacker group APT29 or ‘Cozy bear’?

Advanced persistent threat (APT) group Cozy Bear have been trying to crack into Britain's tightly held information on a coronavirus vaccine.

The group – which are believed to be linked to Russian's intelligence services – were also behind the 2016 hacking of the Pentagon, the Democratic National Committee and several US NGOs.

Cozy Bear – also known as "the Dukes" have been active since at least 2008, according to researchers at Slovak cybersecurity company – who have been tracking the group since 2013.

They've also been dubbed the "Office Monkeys" because of their high-profile attack on the US Government in 2014.

The hackers use email phishing to launch their cyber attacks – and in 2014 passed security malware by using a comedic video of monkeys working in an office.

After disappearing following the 2016 cyber attacks, Cozy Bear made a come back launching a bid to hack customers that work the the US government agencies using similar tactics as their previous campaigns.

The name "the Dukes" comes from one of their primary cyber weapons known as MiniDuke.

Source: Read Full Article