North Korean hackers have reportedly coordinated cyberattacks against at least half a dozen drug companies working on coronavirus vaccines and treatments.
A notorious hacker group that the US government has called “Kimsuky” targeted the companies in the US, the UK and South Korea in an apparent effort to steal sensitive information that North Korea could either weaponize or sell to an outside drugmaker, according to The Wall Street Journal.
The hackers have worked on attacks since August against Johnson & Johnson and Novavax — two American companies with COVID-19 vaccines in the works — along with three South Korean firms that are developing drugs for the deadly virus, the paper reported Wednesday.
The revelations followed a Reuters report last week that hackers had also tried to break into the systems of AstraZeneca, the British drugmaker that’s claimed its COVID-19 shot is up to 90 percent effective.
The “Kimsuky” hackers have tried to ensnare victims by creating email accounts to pose as their colleagues or friends and sending messages with malicious attachments or links that can let hackers into the targets’ computers if they’re clicked on, according to the Journal.
It’s unclear whether the hackers have successfully stolen information from any of the companies, the reports said.
Two of the South Korean targets, Shin Poong Pharmaceutical and Celltrion, told the Journal they had been hit with hacks but had not found any damage, while the third, Genexine, said it hadn’t found any evidence of attempted hacking.
New Jersey-based Johnson & Johnson told the Journal that it’s watching out for threats to its data, and Maryland-based Novavax said it’s aware of foreign threats and is working with “appropriate government agencies and commercial cybersecurity experts.” AstraZeneca has declined to comment on the reported hacking attempts.
This isn’t the first sign of foreign hackers going after drug companies that are battling the coronavirus. Microsoft said last month that it detected cyberattacks against seven firms involved in researching vaccines and treatments that were linked to hacking groups in North Korea and Russia. British cybersecurity officials also accused Russian hackers in July of targeting organizations involved in coronavirus vaccine development.
Kim Jong Un’s administration in Pyongyang has previously denied carrying out cyberattacks in foreign countries. The Hermit Kingdom recently said it was tightening its boarders to build a “wall of defense” against COVID-19 even though it has claimed that it hasn’t had a single coronavirus case.
