The technology giant blamed the attacks on three distinct hacker groups. The Russian group aka Fancy Bear used password spraying attacks to target their victims, which often involves recycled or reused passwords. Fancy Bear may be best known for its disinformation and hacking operations in the run-up to the 2016 presidential election, but the group has also been blamed for a string of other high-profile attacks against media outlets and businesses.
The other two groups situated in North Korea, one of which is better known as the Lazarus Group, used targeted spear phishing emails disguised as recruiters in an effort to steal passwords from their victims. Lazarus was blamed for the Sony hack in 2016 and the WannaCry ransomware attack in 2017, as well as other malware-driven attacks.
But little is known about the other North Korea-backed hacker group, which Microsoft called Cerium. Microsoft said the group also used targeted spear phishing emails masquerading as representatives from the World Health Organization, charged with coordinating the effort to combat the COVID-19 pandemic.
A Microsoft spokesperson acknowledged it was the first time the company had referenced Cerium, but the company did not offer more.
This is the latest effort by hackers trying to exploit the COVID-19 pandemic for their own goals. Earlier this year, the FBI and Homeland Security warned that hackers would try to steal coronavirus vaccine research.
Today’s news coincides with the Paris Peace Forum, where Microsoft president Brad Smith will urge governments to do more to combat cyberattacks against the healthcare sector, particularly during the pandemic.
In the blog post, Corporate VP Tom Burt stated, “Microsoft is calling on the world’s leaders to affirm that international law protects health care facilities and to take action to enforce the law. We believe the law should be enforced not just when attacks originate from government agencies but also when they originate from criminal groups that governments enable to operate — or even facilitate — within their borders.”
These attacks represent just the latest in a long line of incidents that have targeted healthcare organizations during one of the most trying times in recent years. While healthcare organizations have been dealing with one of the most widespread pandemics in recent decades, hacking groups have taken advantage of the global crisis to increase their activity, sometimes targeting the organizations that were supposed to help fight this pandemic.
Instead of focusing on providing care to patients, hospitals have had to deal with ransomware attacks — such as those in the US, Germany, the Czech Republic, Spain, or Thailand.
Giant pharma firms such as Moderna, Dr. Reddy and Lupin have had to deal with intrusions into their networks instead of focusing on researching a vaccine or treatment plan, pharma companies have had to deal with intrusions into their networks.
These issues will be particularly challenging for organizations within the COVID-19 pandemic; therefore, administrators will need to balance this risk when determining their cybersecurity investments.
At BLAKFX we are on a mission to eliminate ransomware attacks and all cyber threats.
We all know that ransomware attacks have skyrocketed in the past year and currently represents the biggest threat to the data of government agencies, military, intelligence agencies as well as private enterprises. At BLAKFX, we have developed the first in the world Ransomware Auditing as a Service (RaaS) platform which allows our cyber security engineers to scan your network and simulate real-world ransomware attacks to determine the test the prevention, detection and mitigation strategies of your organization and establish how resilient your network is to real ransomware attacks. After the scan we provide a comprehensive report and our recommendations for remediation.
Further, if your firm/government are the victim of an actual ransomware attack, we are able to recover the data that has been hi-jacked during the attack and due to Helix22’s DNA BindingTM capability, restore it to its original state.
With Helix22 installed, firms can ignore the attack and simply extract the original encrypted data.
Firstly, attackers quite simply cannot exfiltrate any of the data they have tried to hi-jack. The Helix22 encryption protects all data at rest, in use or in transit. Therefore, the threat of a leak does not exist. Secondly, we utilize our patented Ransomware Auditing as a Service (RaaS) platform for auditing, prevention and recovery from Ransomware attacks. Therefore, even if data has been rendered inaccessible, we can retrieve it. Therefore, is is not a data hostage situation either.
With no threat of a leak and the ability to retrieve all the original data, ransomware attacks are defeated.
Ransomware Auditing as a Service (RaaS)
BLAKFX and the Helix22 data security SDK delivers all this security assurance very confidently due to our genius engineering team that has invented a new model for data security that required an innovative look at the problem. The approach we took was to protect the data itself. Almost all other data security products try to build a perimeter or being fanatic on user identification. However, once the product is breached or a password is stolen, your firms data is in the clear.
You see, the Helix22 cryptography is embedded with the data itself through our inventive and patented process of DNA BindingTM. Therefore, even if a breach were to occur the data cannot be exfiltrated. This means that all your firm/nations data is 100% protected regardless of the type of attack. Further, Helix22 protects data at rest, in use and in transit. No other data security can make that claim. Artificial Intelligence and Machine Learning experimentation runs and generates incalculable amounts of data. All is protected at its inception.
We can make this claim as the tech engineers at BLAKFX invented and patented a genuine user2user (U2U) encryption. We manage data security transmission through the truly brilliant and also patented universal Helix22 key service. The Helix22 encryption originates on your network or device, not just when the app is opened. This means, that when data arrives to our key server, it is already encrypted so all it needs to do is issue another key. Signal and Telegram cannot claim this level of security. This key will then only work with the intended device, which generates a matching key required to open the data. In this protocol, we are truly a “zero-knowledge” server so your communications and transmissions remain completely top secret. Even in the event that BLAKFX were subpoenaed, we can honor the request by just handing over the encrypted content…as that is literally all we have. Helix22 also only use keys just one-time and then destroys them. This way the data security is future forward prefect. Therefore, in our unique user-to-user encryption (U2U) world, there is no opportunity at all for any data leak.
This same protocol just described, can be the same with all your 3rd party vendors and suppliers. It does not matter in the least what platform they are running or what device they are using or even the type of data, it is all 100% protected. We do however, strongly advise that all firms involved be utilizing Helix22 due to the nature of the data content. Helix22 can ensure that whatever data they are generating is protected as well.
Let’s take it a step further. Even if your organization were a victim of an internal attack or a victim of malicious open source downloads, there is no reason for concern. Any data that has been forwarded, downloaded, copied or saved cannot be exfiltrated. Period. We have the technology industries foremost data packets which are protected with multi-layered, military grade encryption algorithms that have already proven the ability to withstand penetration testing from MI5 and quantum computing attacks.
One final practical genius of DNA BindingTM is in that it is immediately compatible with whichever system or software you are utilizing. Therefore, any organization can forward information to another and then discuss it and there is immediate privacy.
BLAKFX is Based on Success
Founder – Robert Statica PhD Founder – Kara Coppa Founder – Alex Maslov MS, MBA
Co-Founders of Wickr KatimTM Ultra Secure Smartphone
Our founders, Robert Statica PhD and Kara Coppa, also founded Wickr, which is used by the US military and has never been hacked since its inception in 2012. The Helix22 data security SDK is several generations enhanced since then. Dr. Statica also delivered the encryption for the world’s most secure phone, Katim.
Finally, the Helix22 encryption is quantum computing ready so no need to redo all your data security methodologies in a couple of years when everything else becomes obsolete.
We like to refer to Helix22 as “22nd Century Data Security.”