North Korea seems to be getting desperate to resolve the COVID-19 crisis even when the country has not yet officially reported any positive cases. Its southern counterpart has accused them of launching a cyberattack against COVID-19 vaccine maker, Pfizer. This is the second attack reported in the past three months; the first being against AstraZeneca.
COVID Vaccine Frontrunner AstraZeneca Targeted by Suspected North Korean Threat Actors
North Korea Targets Pfizer
North Korea has been previously accused of targeting the then COVID-19 vaccine frontrunner, AstraZeneca, to know more about its research. The alleged threat actors used social engineering techniques and baited the employees of AstraZeneca with phishing emails containing fake job offers. They hid malicious links and attachments in these emails that led to the download of data exfiltrating malware. Although the attack was not so successful, it gave impetus to the North to try it on other vaccine makers as well. Thus, taking a cue from its previous campaigns, North Korea has now targeted another vaccine maker, Pfizer.
The accusation has been made by Ha Tae-Keung, a South Korean lawmaker and opposition party member of the parliament. After a security briefing from the National Intelligence Service (NIS), Ha told reporters, “There were attempts to steal COVID vaccine and treatment technology during cyberattacks, and Pfizer was hacked.” The NIS though has remained tight-lipped and only accepted that a record of multiple security incidents was discussed in the security briefing without accepting or rejecting Ha’s claims of Pfizer being compromised. The NIS though did mention that it has successfully averted all attacks from the North directed towards its own COVID vaccine research.
As per Reuters, Pfizer’s offices in Asia and South Korea have not yet commented on Ha’s revelations. However, Ha did provide a picture of the notes he had taken during the briefing, but this is not enough to prove anything as of now, and we will have to sit tight to know more. If it is true, there are two conclusions for the motive behind the attack:
- North Korea wants to steal vaccine data and COVID-19 research information to develop its own indigenous vaccine.
- They wish to sell this information to another country or organization in exchange for a huge sum to support other activities.
Meanwhile, North Korea is set to receive around two million doses of the AstraZeneca/Oxford University vaccine later this year, via the Covax programme.
“The battle for the vaccine market to launch cyberattacks has already begun”