Microsoft said Friday that it had found more evidence that hacking groups backed by Russia and some now by North Korea were continuing their attempts to steal information from pharmaceutical companies and researchers involved in developing treatments and vaccines for Covid-19.
The names of the targeted firms, including some that have contracts with the United States government, were not announced; Microsoft said it could only reveal that information with the permission of the firms. But it said seven companies were on the receiving end of the hacking activity, most of which was unsuccessful.
But officials made clear they believe some of the hacks worked — though they do not know whether proprietary research was stolen.
The seven firms were in the United States, Canada, South Korea, France and India.
Ever since the coronavirus crisis began, Chinese and Russian groups have been hacking into research centers and hospitals. Microsoft identified the Russian hacking group as Strontium, also known as Fancy Bear, which is known for the hacking operations into the Democratic National Committee and other American targets in the 2016 presidential election.
The North Korean hackers are best known as the Lazarus Group, which was involved in the 2014 hack of Sony Pictures Entertainment and the WannaCry attack ransomware that crippled the British health care system.
Microsoft identified another North Korean group that it called Cerium.
On top of the threat of being hacked, hospitals all over the country have been targeted in a scourge of ransomware attacks in recent months. In September, an attack on Universal Health Services, which runs more than 400 hospitals throughout the country, became the largest medical cyberattack in history.
By David E. Sanger