Tom Burt, corporate vice president for customer security and trust at Microsoft, said the company has found nation-state hacking operations that have targeted seven companies developing vaccines and other potential treatments for the novel coronavirus.
Burt wrote in a blog post published Friday the three state-sponsored hackers launched cyberattacks on vaccine researchers and drugmakers in the U.S., Canada, South Korea, France and India.
Microsoft linked the attacks to a Russian group known as "Strontium" and North Korean groups the technology firm calls "Cerium" and "Zinc."
According to Burt, Strontium works by stealing login credentials through password spraying and brute force login methods.
He noted that Cerium poses as representatives from the World Health Organizations to perform COVID-19 phishing scams while Zinc pretends to be recruitment entities in credential phishing campaigns.
"We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help," Burt noted.
Microsoft began offering its AccountGuard security service to health care, humanitarian and human rights organizations at no cost to inform frontline workers of cybersecurity threats.