[ad_1]
“Microsoft on the Issues” is the name of a blog from the US IT group that deals with social developments. In a blog post yesterday Friday, security experts reported on the activities of several criminal hacker groups. According to the post, these are currently aimed specifically at research and pharmaceutical companies whose work is related to the fight against the Covid-19 pandemic.
The authors of the article do not mention the names of the attacked companies, but mention that they are seven companies from Canada, France, India, South Korea and the United States. Among them are pharmaceutical companies whose vaccines are in different stages of clinical trials; Corona test manufacturers are also among the companies attacked. “We believe these attacks are unscrupulous and should be condemned by all civil societies,” the blog post states.
Brute force and phishing
As the masterminds behind the attacks, the article names three “nation-state” hacker groups, whose names are given as Strontium, Zinc and Cerium. Behind the name “Strontium” hides a group also known as “Fancy Bear”, “APT28”, “Pawn Storm” or “Tsar Team”; Kaspersky security experts call it the “Sofacy Group”. The group is associated with the Russian secret service GRU. According to Microsoft, it uses password spray and brute force attacks to gain access to user account data and sensitive information.
The group called “Zinc” by Microsoft is also known as the Lazarus Group by other security experts and is associated with the government of North Korea. According to Microsoft, it sends phishing emails specifically to obtain account data. Recently it was about e-mails with job offers. Hackers from the Cerium group are also said to carry out phishing attacks. Phishing emails from this group often pretend to be sent by the World Health Organization. Most cyberattacks were unsuccessful due to security measures, the blog authors write. In cases where hackers have achieved their goal, Microsoft has offered help to damaged companies.
During the three virtual days of the Paris Peace Forum that concluded yesterday Friday, Brad Smith, President Chief Legal Officer of Microsoft, called on governments of all countries to do more against attacks of this type. In the run-up to the conference, some 65 medical and pharmaceutical companies have called for greater Internet security. Microsoft offers healthcare organizations a special security service called “Microsoft AccountGuard for Healthcare” free of charge.
(bi)
.
[ad_2]
Source link
