For the past few months, Microsoft has been actively fighting against cybercrime groups around the globe. In this time span, the company has reported and taken action against cyberattacks targeting the U.S. presidential elections, warded off an attack on Munich Security Conference attendees, and successfully disabled a portion of Trickbot's critical infrastructure.
Today, the firm is urging governments to take strict action against malicious actors targeting healthcare systems in various countries.
In a sternly worded blog post, Tom Burt, Corporate Vice President of Customer Security and Trust at Microsoft, has stated that attacks on healthcare institutions striving to curb the spread of the ongoing pandemic should be strongly condemned by everyone. The executive says that three groups are mainly responsible for these malicious activities, namely Strontium from Russia, and Zinc and Cerium from North Korea.
The Russian group - which was also involved in the offensive against U.S. elections - is using password spray and brute force login attempts to steal accounts. Meanwhile, members of Zinc and Cerium are both using spear-fishing methodologies. Microsoft says that all three groups have been targeting researchers and pharmaceutical companies working to develop COVID-19 vaccines. These targets have been situated in seven countries including Canada, France, South Korea, India, and the United States. Burt says that:
Today, Microsoft’s president Brad Smith is participating in the Paris Peace Forum where he will urge governments to do more. Microsoft is calling on the world’s leaders to affirm that international law protects health care facilities and to take action to enforce the law. We believe the law should be enforced not just when attacks originate from government agencies but also when they originate from criminal groups that governments enable to operate – or even facilitate – within their borders. This is criminal activity that cannot be tolerated.
[...] In the leadup to this year’s Paris Peace Forum, more than 65 health care-related organizations have joined the Paris Call for Trust and Security in Cyberspace. They include organizations like Merck working on vaccines, top hospitals like Hospital Metropolitano in Ecuador, and government health institutes like Poland’s National Institute of Public Health. There is no question the attacks we’ve seen in recent months are creating energy for action across the health sector. The Paris Call remains the largest multi-stakeholder coalition addressing these issues, and its first principle is the prevention of malicious cyber activities that threaten indiscriminate or systemic harm to people and critical infrastructure.
Microsoft has also detailed several other efforts that are taking place from various sectors in different countries, and has urged that world leaders also take steps in this direction and ensure that healthcare institutions are protected against malicious activities.