The alert was a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).
According to a CERT Alert, both U.S. and U.K. “”are currently investigating a number of incidents in which threat actors are targeting pharmaceutical companies, medical research organizations and universities”.
“CISA and NCSC continue to see indications that advanced persistent threat (APT) groups are exploiting the Coronavirus Disease 2019 (COVID-19) pandemic as part of their cyber operations.”
The attackers are using “password spraying”, a brute force attack in which the attacker tries commonly used passwords against many accounts.
The alert does not specify which countries are actively attacking the US/UK targets.