North Korea Accused Of Pfizer Vaccine Hack

South Korean intelligence officials have said that a recent attack on pharmaceutical company Pfizer, targeting information on coronavirus vaccines, was executed by North Korea in an attempt to steal Covid vaccine data. 

The intelligence service briefed lawmakers during a closed-door session. “There were attempts to steal Covid vaccine and treatment technology during cyber attacks and Pfizer was hacked,” said a South Korean National Assembly member, speaking to Reuters.

North Korea has reported no cases of Covid-19, although its borders remain closed in a national quarantine effort and, given the nature of the North Korean regime, it is highly improbable that Covid-19 is not present there. If South Korea’s intelligence is accurate, the attack on Pfizer is the latest in a number of attacks by N.Korea against organisations involved in the research and development of Covid-19 vaccines.  

If South Korea’s intelligence is accurate, the attack on Pfizer is the latest in a number of attacks by North Korea against organisations involved in the research and development of Covid-19 vaccines. 

The attacks, which took place several months ago, appear to involve the use of spoofed logon pages for various online portals, which trick staffers at the target organisations into handing over their passwords.  “Nation state hacking is nothing new, and is something North Korea has a history of. In the past few years alone, North Korea has been held responsible for a number of cyber attacks causing disruption and financial losses on an unprecedented scale. ...No other country in recent history has resorted to printing fake US dollars. No other country deploys ransomware to blackmail bitcoins from their victims. No other country hacks international banking networks in order to steal money. In that line of thinking, it wouldn’t be surprising for them to try to hack vaccine data either.” commented F-Secure chief research officer Mikko Hypponen

This isn't the first time North Korea has been accused of hacking systems around the world to obtain vaccine data. In November 2020 Microsoft said, "two actors originating from North Korea that we call Zinc and Cerium" that it alleged were "targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19." Many security observers believe that the motivation might be to sell vaccine data on the black market as well as to in develop its own vaccine. 

Digital espionage targeting health bodies, vaccine scientists and drug makers has surged during the COVID-19 pandemic as state-backed hacking groups scramble to secure the latest research and information about the outbreak.

Last year suspected North Korean hackers tried to break into at least nine health organisations, including Johnson & Johnson, Novavax Inc, and AstraZeneca. South Korea's intelligence agency said it had foiled North Korean attempts to hack into South Korean companies developing coronavirus vaccines. The attack, similar to the attacks believed to be of Russian origin late last year, are also believed to be by state-backed actors.

Recently the US Department of Justice (DoJ) has charged three North Korean computer programmers with hacking offences related to a number of high profile data breaches, including a high profile attack on Sony Pictures in 2014. The men have been accused of attempting to steal more than $1.3 billion in money and crypto currency from a number of businesses around the world.

Reuters:   ITPro:   Healthcare IT News:   Telegraph:      Al Jazeera:   BBC:   Computer Weekly:     Image: Unsplash

You Might Also Read: 

Successful Hack On EU Vaccine Agency:

 

« Properly Securing Your Cloud System
Connected Cars & Cyber Security »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Infosecurity Europe

Infosecurity Europe

Infosecurity Europe is Europe’s number one information security conference and exhibition.

CloudCodes Software

CloudCodes Software

CloudCodes is a cloud security solutions provider focused on providing cloud security solutions to enterprise customers.

InteliSecure

InteliSecure

InteliSecure offer Professional Services, Security Assessments and Managed Services for data and threat protection.

Security Brokers

Security Brokers

Security Brokers focus services and solutions with a focus on strategic ICT Security and Cyber Defense issues.

Crypta Labs

Crypta Labs

Crypta Labs is an Award Winning IOT Security startup that is developing a quantum-based encryption chip to secure the Internet of Things.

Cologix

Cologix

Cologix provides reliable, secure, scalable data center and interconnection solutions from 24 prime interconnection locations across 9 strategic North American edge markets.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

Cyble

Cyble

Cyble Vision enables faster detection of cyber threats and focuses on identifying and analysing the motivations, methods, capabilities and tools of adversaries.

Dashlane

Dashlane

Dashlane puts all your passwords, payments, and personal info in one place that only you control. So you can use them instantly. Securely. Exactly when you need them.

Periculus

Periculus

Periculus makes managing digital risk simple. Its integrated platform offers access to purchase cyber insurance and cyber security solutions uniquely tailored to fit the needs of every business.

Gunnison Consulting Group

Gunnison Consulting Group

Gunnison Consulting Group serves the Federal Government with high quality IT consulting services.

LogicGate

LogicGate

The LogicGate Risk Cloud™ is an agile GRC cloud solution that combines powerful functionality with intuitive design to enhance enterprise GRC programs.

Cyberani Solutions

Cyberani Solutions

Cyberani Solutions was created to fulfill the cybersecurity needs of industry and government in Saudi Arabia, and across the Middle East and North Africa regions.

Oduma Solutions

Oduma Solutions

Oduma Solutions is a wholly owned Ghanaian Cybersecurity company that offers information security services to organisations seeking to improve their security posture.

Aurva

Aurva

Aurva are a team of engineers, product thinkers, and security minds who believe that data security should be simple, powerful, and built for speed.

Sariya Information Technology

Sariya Information Technology

Sariya Co. Ltd. is a leading provider of value-added digital services and solutions, founded in 2002 in Saudi Arabia as a part of Al Kuhaimi Group.