Content, Breach

North Korean Hackers Targeted Pfizer, South Korea Claims


North Korean cyber operatives have attempted to break into the servers of drug manufacturer Pfizer to steal information on its COVID-19 vaccine, the Washington Post reported.

South Korean lawmakers were reportedly informed of the hack by the nation’s intelligence agents during a private meeting, the newspaper said. It is not known when the hack occurred or if the hackers made off with any intellectual property or other valuable material. "The cyberattacks included an attempt to steal covid-19 vaccine and treatment technology, to which Pfizer was subject," Ha Tae-keung, a member of South Korea's National Assembly's intelligence committee, told news outlets.

North Korea has repeatedly said that the coronavirus has not permeated the communist nation. Nonetheless, Pyongyang will be shipped some two million doses of the AstraZeneca-Oxford University vaccine, reports said.

Since the beginning of the pandemic, hackers have repeatedly tried to hijack critical information from pharmaceutical companies and medical facilities. North Korean cyber infiltrators, in particular, have a growing rap sheet of COVID-related attacks. Last December, Pyongyang-tied hackers tried to steal vital data from at least six pharmaceutical companies developing COVID-19 vaccines. The targeted drug makers included U.S.-based Johnson & Johnson and Novamax; AstraZeneca, South Korea-located Genexine, Shin Poong Pharmaceutical and Celltrion.

A month earlier, Microsoft said it had blunted a majority of attacks launched by North Korean and Russian state-backed hackers on unnamed pharmaceuticals companies located in Canada, France, India, South Korea and the U.S. researching COVID vaccines. But some blitzes had gotten through, officials said.

In addition to hacks attributed to North Korean crews, other cyber adversaries have launched offensives on immunization research and development. For example, last July, the U.S., U.K. and Canadian national security officials accused Russian cyber spies of attempting to steal COVID-19 vaccine research, fingered the notorious, Kremlin-linked cyber crew CozyBear of trying to pilfer supply chain information from medical research facilities and healthcare organizations.

Two months earlier, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warned Chinese government-backed hackers to lay off trying to steal COVID-19 related intellectual property and public health data from healthcare organizations and research organizations involved in vaccine development. At the same time, CISA and the United Kingdom’s National Cyber Security Centre (NCSC) warned that advanced persistent threat actors are probing for COVID-19 intellectual property on national and international healthcare policy along with sensitive research data.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.