North Korea Accused Of Pfizer Vaccine Hack

South Korean intelligence officials have said that a recent attack on pharmaceutical company Pfizer, targeting information on coronavirus vaccines, was executed by North Korea in an attempt to steal Covid vaccine data. 

The intelligence service briefed lawmakers during a closed-door session. “There were attempts to steal Covid vaccine and treatment technology during cyber attacks and Pfizer was hacked,” said a South Korean National Assembly member, speaking to Reuters.

North Korea has reported no cases of Covid-19, although its borders remain closed in a national quarantine effort and, given the nature of the North Korean regime, it is highly improbable that Covid-19 is not present there. If South Korea’s intelligence is accurate, the attack on Pfizer is the latest in a number of attacks by N.Korea against organisations involved in the research and development of Covid-19 vaccines.  

If South Korea’s intelligence is accurate, the attack on Pfizer is the latest in a number of attacks by North Korea against organisations involved in the research and development of Covid-19 vaccines. 

The attacks, which took place several months ago, appear to involve the use of spoofed logon pages for various online portals, which trick staffers at the target organisations into handing over their passwords.  “Nation state hacking is nothing new, and is something North Korea has a history of. In the past few years alone, North Korea has been held responsible for a number of cyber attacks causing disruption and financial losses on an unprecedented scale. ...No other country in recent history has resorted to printing fake US dollars. No other country deploys ransomware to blackmail bitcoins from their victims. No other country hacks international banking networks in order to steal money. In that line of thinking, it wouldn’t be surprising for them to try to hack vaccine data either.” commented F-Secure chief research officer Mikko Hypponen

This isn't the first time North Korea has been accused of hacking systems around the world to obtain vaccine data. In November 2020 Microsoft said, "two actors originating from North Korea that we call Zinc and Cerium" that it alleged were "targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19." Many security observers believe that the motivation might be to sell vaccine data on the black market as well as to in develop its own vaccine. 

Digital espionage targeting health bodies, vaccine scientists and drug makers has surged during the COVID-19 pandemic as state-backed hacking groups scramble to secure the latest research and information about the outbreak.

Last year suspected North Korean hackers tried to break into at least nine health organisations, including Johnson & Johnson, Novavax Inc, and AstraZeneca. South Korea's intelligence agency said it had foiled North Korean attempts to hack into South Korean companies developing coronavirus vaccines. The attack, similar to the attacks believed to be of Russian origin late last year, are also believed to be by state-backed actors.

Recently the US Department of Justice (DoJ) has charged three North Korean computer programmers with hacking offences related to a number of high profile data breaches, including a high profile attack on Sony Pictures in 2014. The men have been accused of attempting to steal more than $1.3 billion in money and crypto currency from a number of businesses around the world.

Reuters:   ITPro:   Healthcare IT News:   Telegraph:      Al Jazeera:   BBC:   Computer Weekly:     Image: Unsplash

You Might Also Read: 

Successful Hack On EU Vaccine Agency:

 

« Properly Securing Your Cloud System
Connected Cars & Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Paessler

Paessler

Paessler is a leading worldwide provider of network monitoring software.

Citicus

Citicus

Citicus provides world-class security, risk and compliance management software, plus supporting services.

ITRenew

ITRenew

ITRenew is a leading global IT lifecycle management solutions company, specializing in onsite data center decommissioning and data erasure services.

Intercast Global

Intercast Global

Intercast's mission is to be a strategic resource to our clients in Risk Reduction. We are a global leader in cyber security staffing and consulting to the enterprise.

Pinpoint Search Group

Pinpoint Search Group

Pinpoint Search Group's recruiters specialize in Information Management, Cyber Security, Cloud and Robotic Process Automation (RPA).

Global Accelerator Network (GAN)

Global Accelerator Network (GAN)

Global Accelerator Network are a highly curated community of independent Accelerators, Partners and Investors.

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo is the UK’s largest cloud and cyber security event.

QNu Labs

QNu Labs

QNu Labs’s quantum-safe cryptography products and solutions assure unconditional security of critical data on the internet and cloud across all industry verticals, globally.

AaDya

AaDya

AaDya provide smart, simple, affordable and effective cybersecurity software solutions for small and medium businesses.

Commonwealth Cyber Initiative (CCI)

Commonwealth Cyber Initiative (CCI)

The Commonwealth Cyber Initiative is establishing Virginia as a global center of excellence at the intersection of security, autonomous systems, and data.

Truesec

Truesec

TRUESEC has an exceptional mix of IT specialists. We are true experts in cyber security, advanced IT infrastructure and secure development.

LastPass

LastPass

LastPass provides award-winning password and identity management solutions that are convenient, effortless, and easy to manage.

Secora Consulting

Secora Consulting

Secora Consulting is a professional services company specialising in tailored cybersecurity assessments and cyber advisory services.

Sitehop

Sitehop

Sitehop is a cybersecurity technology company developing and supplying FPGA hardware-enforced cyber security solutions for networks.

aFFirmFirst

aFFirmFirst

aFFirmFirst is a unique software solution offering a simple yet effective way for businesses to protect and control their online images and logo, as well as allowing one-click website verification.

IT Solutions Consulting

IT Solutions Consulting

IT Solutions is a full-service IT partner providing managed services and other information technology solutions nationwide.