North Korean hackers have reportedly launched coordinated cyberattacks against at least six drug makers working on developing coronavirus vaccines and therapeutics in America, the United Kingdom, and South Korea.
In mid-September, FBI Director Christopher Wray warned U.S. lawmakers that foreign hackers, particularly from China and Russia, are trying to steal U.S. coronavirus vaccine research and testing technology and engaging in efforts to disrupt the American government’s response to the ongoing pandemic.
The U.S. intelligence community’s annual Worldwide Threat Assessment has long listed North Korea’s cyber capabilities as a threat to America.
Citing unnamed people familiar with the matter, the Wall Street Journal revealed Wednesday that the attackers wanted sensitive coronavirus research information that the rogue North Korean regime could weaponize or sell on the black market.
“It wasn’t known whether the hackers succeeded in swiping useful information. But North Korea has coordinated attacks on the six companies since August, the people said,” the Journal noted, adding:
The [potentially hacked] firms include previously unreported targets in the U.S.: Johnson & Johnson and Maryland-based Novavax Inc., which are both working on experimental vaccines, the people said. The list also includes three South Korean companies with Covid-19 [Chinese coronavirus] drugs in earlier clinical trials, Genexine Inc., Shin Poong Pharmaceutical Co. and Celltrion Inc., they added.
North Korea had also tried infiltrating U.K.-based AstraZeneca PLC, whose vaccine co-developed with the University of Oxford, has been shown to be as much as 90% effective and is seeking emergency approval, the people said. On Friday, Reuters reported that suspected North Korean hackers had tried to break into the systems of AstraZeneca, citing unnamed sources.
Two days after the Journal’s revelations, IBM reportedly cautioned that hackers from a potential “nation-state” targeted the coronavirus supply chain, without naming the suspect.
In a blog post, IBM explained that the hackers targeted the vaccine “cold chain,” which ensures that inoculations reach their destination while preserved in temperature-controlled environments during storage and transportation, the Hill pointed out on Thursday.
On Friday, ABC News added:
As a global race for the coronavirus vaccine heats up, IBM warned Thursday that it detected a phishing email scam spanning six countries aimed at organizations that are keeping the COVID-19 vaccine supply chain moving.
The cybersecurity researchers said they could not identify who was behind the campaign, but the precision and skills “hold the potential hallmarks of nation-state tradecraft.”
The targets of the scheme included the European Commission’s Directorate-General for Taxation and Customs Union, as well as other organizations with headquarters in Germany, Italy, South Korea, Czech Republic, and Taiwan.
According to IBM, the cyberattacks started in September 2020, targeting organizations that were likely associated with Gavi, the Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) program spearheading efforts to distribute a potential vaccine to developing nations.
“We assess that the purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution,” IBM security researchers wrote, according to ABC.
If successful, hackers’ disruptions could cost many lives as the virus has reached record levels in several regions globally, particularly the West.
Britain has already approved a vaccine for emergency use — the one developed by American company Pfizer and Germany’s BioNtech. U.S. officials are supposed to follow suit this month.
A significant hurdle of distributing the Pfizer vaccine is that officials must store it in extremely low-temperature freezers.
In July, the U.S. Department of Justice (DOJ) unsealed an 11-count indictment against two Chinese nationals accused of running a global hacking campaign that targeted American companies researching a vaccine for personal gains and behalf of communist China.
Last month, Microsoft warned that Russian and North Koran hackers target pharmaceutical companies and coronavirus vaccine researchers.