As the world has adapted to the challenges of remote and virtual work due to COVID-19, Microsoft has reported that nation-state actors are targeting healthcare organizations more, particularly companies involved in researching vaccines and treatments for COVID-19. These increasing cyberattacks threaten COVID-19 vaccines and treatments once readily available.
In the past few months, there has been an increased risk of cyberattacks as most organizations have established protocols to work from home at least till spring 2021. As reported by Microsoft, three nation-state actors have targeted seven prominent pharmaceutical companies in a bid to steal research data and vaccine plans in Canada, France, India, South Korea, and the United States. Microsoft says the attacks originate from Russia from a nation-state actor dubbed Strontium and North Korea called Zinc and Cerium.
The targets chosen by these nation-state actors include many vaccine makers that have Covid-19 vaccines in various stages of clinical trials. One of the targets also consists of a clinical research organization involved in trials, and one more that has developed a Covid-19 test. Many of these targeted organizations have finalized contracts or investments with government agencies in various countries for COVID-19 related work.
The pandemic has triggered a wave of cybersecurity threats, a recent survey by Black Hat found. 94% of those surveyed in the recent poll suggested that COVID-19 has increased the cyber threat to enterprise systems and data. The experts surveyed said that remote work was a potential risk, with 72% saying quarantined home workers could expose organizations to risk by breaking policy and not reporting cybersecurity threats.
Strontium, a Russian attacker, has been using password spray and brute force login attempts to steal login credentials. These are attacks that aim to break into people’s accounts using thousands or millions of rapid attempts. Zinc, on the other hand, has primarily used more conventional spear-phishing lures for credential theft, sending messages with fictitious job descriptions pretending to be recruiters. Cerium, meanwhile, is also engaged in spear-phishing email lures using COVID-19 themes masked as World Health Organization representatives. While most of these attacks were blocked by Microsoft’s in-built security protections in different products, it does bring to fore the pitfalls of a rapidly transforming digital landscape around the world.
However, these cyberattacks are not the first time this year that the healthcare sector has been targeted. The pandemic has led to a wave of ransomware attacks in the United States, most recently infecting a University of Vermont network in New York and Vermont. Earlier in the pandemic, attacks targeted Brno University Hospital in the Czech Republic, Paris’s hospital system, the computer systems of Spain’s hospitals, hospitals in Thailand, medical clinics in the U.S. state of Texas, a health care agency in the U.S. state of Illinois and even international bodies such as the World Health Organization.
Healthcare organizations must adapt to the digital roadmap critical for the next phase of COVID-19. For this, investing in virtual products and services that are safe and backed up by leaders in cybersecurity like Microsoft is incredibly important for North America’s healthcare sector.
