The tech giant said hackers had tried to access the networks of more than a dozen organisations around the world. The North Korean teams – dubbed “Zinc” and “Cerium” by Microsoft – have been implicated in recent attempts to break into the networks of seven pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States.
The software company said a Russian hacking group commonly nicknamed “Fancy Bear” was also involved.
Microsoft said the majority of the targets were organisations that were in the process of testing COVID-19 vaccines.
It said most of the break-in attempts failed but an unspecified number succeeded.
The company declined to name the organisations targeted by the hackers or say which ones had been successfully hit.
Microsoft executive Tom Burt said: “We think these attacks are unconscionable and should be condemned by all civilised society.
“We’re sharing more about the attacks we’ve seen most recently and are urging governments to act.
“At a time when the world is united in wanting an end to the pandemic and anxiously awaiting the development of a safe and effective vaccine for COVID-19, it is essential for world leaders to unite around the security of our healthcare institutions and enforce the law against cyberattacks targeting those who endeavour to help us all.”
The Russian embassy in Washington – which has repeatedly disputed allegations of Russian involvement in digital espionage – said in an email that there was “nothing that we can add” to their previous denials.
Russia is keen to roll out its own Sputnik V vaccine which Kremlin official claim was 92 percent effective in protecting people from COVID-19 in interim trials.
North Korea’s representative to the United Nations did not immediately respond to the allegations but Pyongyang has previously denied carrying out hacking abroad.
The cyber espionage claims as Microsoft continues to press its case for a new set of global rules barring digital intrusions aimed at healthcare providers.
Mr Burt said company was timing its announcement with Microsoft President Brad Smith’s appearance at the virtual Paris Peace Forum, where he would call on world leaders “to affirm that international law protects health care facilities and to take action to enforce the law.”
Earlier this year UK Foreign Secretary Dominic Raab warned Vladimir Putin’s spies had tried to steal British scientists’ vital research into the pandemic.
The attacks were thought to be part of a drive by Mr Putin’s spies to make sure Russia becomes the first to develop a vaccine.
Pharmaceutical research organisations in the UK, US and Canada were said to have been targeted in the criminal operation.
And earlier this month the FBI issues cyber-security alerts amid fears Russia-based crime gangs were trying to disable US hospitals and healthcare providers with ransomware attacks.
Medical directors in New York, Oregon, and Washington state all reported attempts to infiltrate their systems as they struggled to cope with an influx of COVID-19 patients.