Russian hackers target Covid 19 researchers


We are in the middle of the second Wave of the Coronavirus around the world. Those infected soar, and although we have the good news of the vaccines from the Pfizer company and the Moderna company, it will still take weeks, months, to see the results. Therefore, other companies continue to work on their own vaccines is a priority. But some are suffering inexplicable cyberattacks with the sole purpose of harming not those companies themselves, but the entire world.

Cyber ​​attacks against pharmaceutical companies and researchers

Cyber ​​attacks are being used to annoy health care organizations fighting the pandemic. Attacks that the Microsoft security team has analyzed and they tell us in an official post on their blog which groups are attributed to. In recent months, “we have detected cyber attacks by three cyber groups targeting seven major companies directly involved in research on vaccines and treatments for Covid-19.” Among the targets are major pharmaceutical companies and vaccine researchers from Canada, France, India, South Korea and the United States.

The attacks came from the hacker group Strontiun, originally from Russia, and two groups from North Korea that Microsoft calls Zinc and Cerium. Among the objectives of these three groups is the majority attack on vaccine manufacturers that have Covid-19 vaccines in various stages of clinical trials. One is a clinical research organization participating in the trials, and another has developed a test for Covid-19.

Password Spray

– The Russian group Strontium is using the ‘Password Spray’ technique and brute force access attempts (Brute Force) for its cyberattacks, to steal access credentials. These are attacks that aim to break into people’s accounts using thousands or millions of quick attempts to find one that works.

See Also
Increase in covid-19 cases in SP hospitals

– The North Korean group Zinc has mainly used Phishing ‘hooks’ to steal credentials, sending messages with fabricated job descriptions pretending to be recruiters.

– The North Korean group Cerium engaged in phishing hooks from fake emails using Covid-19 themes while posing as representatives of the WHO, the World Health Organization.

Most of these attacks were blocked by the security protections that Microsoft has in place, notifying all target organizations of what happened. Although also “there have been cases in which the attacks have been successful”, at which time “we have offered help” to the affected companies.

Cyberattacks against Hospitals

These are just some of the most recent attacks on those fighting Covid-19, but the truth is that cyberattacks targeting the health sector and taking advantage of the pandemic are not new, since we have been suffering from it since the beginning of it in February March. Cybercriminals have targeted hospitals and healthcare organizations across the United States. Previously, during the pandemic, attacks were directed against:

– The Brno University Hospital in the Czech Republic

– The Paris hospital system

– The computer systems of hospitals in Spain

– Hospitals in Thailand

– Medical clinics in the US state of Texas, a health care agency of the US state of Illinois, and even international bodies such as the World Health Organization.

– In Germany, we recently saw the resulting threat to human health become a tragic reality when a woman in Dusseldorf reportedly became the first known death resulting from a cyberattack on a hospital.


Please enter your comment!
Please enter your name here