Microsoft has detected cyberattacks from nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19, including in India.
The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the US, and came from Strontium, an actor originating from Russia, and two bad actors originating from North Korea called Zinc and Cerium.
Although Microsoft did not reveal the names of the vaccine makers, at least seven Indian pharma companies are working to develop a vaccine against coronavirus, led by Serum Institute and Bharat Biotech.
According to Microsoft, among the targets, the majority are vaccine makers that have COVID-19 vaccines in various stages of clinical trials.
Strontium continues to use password spray and brute force login attempts to steal login credentials. These are attacks that aim to break into people's accounts using thousands or millions of rapid attempts.
Zinc has primarily used spear-phishing lures for credential theft, sending messages with fabricated job descriptions pretending to be recruiters. Cerium engaged in spear-phishing email lures using COVID-19 themes while masquerading as World Health Organization representatives.
Cyberattacks targeting the health care sector and taking advantage of the pandemic are not new. Attackers recently used ransomware attacks to target hospitals and healthcare organizations across the US.
In May, a 136-strong group of the world's most prominent international law experts, in what has become known as the Oxford Process, issued a statement making it clear that international law protects medical facilities at all times.
In August, the Oxford Process issued a second statement emphasizing that organisations that research, manufacture and distribute COVID-19 vaccines are also protected.
Earlier this year, the CyberPeace Institute and International Committee of the Red Cross led an effort by 40 international leaders calling on governments to stop the attacks on healthcare.
In April, Microsoft announced that it was making AccountGuard, its threat notification service, available to health care and human rights organisations working on COVID-19.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)