UK COVID Vaccine Maker Targeted By Suspected North Korean Hack

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

December 9, 2020

It has been reported that UK drug company AstraZeneca has been targeted by suspected North Korean hackers thought to be looking for COVID vaccine secrets.

Used WhatsApp and LinkedIn

Over the last few weeks, attacks have reportedly been launched on AstraZeneca’s systems by hackers posing as recruiters.  The bogus recruiters used LinkedIn and WhatsApp to target AstraZeneca staff with fake job offers and hid malicious code/malware in the job description documents that were sent to those staff members. Opening the documents would have launched malware that would enable an attack on the drug company’s systems. 

COVID-19 Vaccine

Since the first attempts to develop a vaccine, governments and drug companies have warned about and prepared for state-sponsored attacks from many different countries.

AstraZeneca is currently one of the top three COVID-19 vaccine developers after working with Oxford University to develop a vaccine with an overall efficacy of 70 per cent, a lower one of 62 per cent, and a high of 90 per cent (for a half dose followed by a full dose).   In the US, the FDA has said that any COVID-19 vaccine must be at least 50 per cent effective to be useful in fighting the pandemic.

North Korean?

The attacks on AstraZeneca have been identified as likely to have been the work of North Korea-based hackers because the tools and techniques closely resemble those been used as part of an ongoing hacking campaign that first targeted defence and media company systems.

It is likely, therefore, that the shift in focus followed recent announcements of the success of the Oxford vaccine development.

China

Back in July, it was reported that hackers linked to the Chinese government had targeted vaccine research developer Moderna Inc in the U.S.

Microsoft Says “Cyberattacks Targeting Health Care Must Stop”

Microsoft recently posted on its blog to say that cyberattacks targeting health care must stop and identified Russian hackers known as “Strontium” and two hacking groups from North Korea known as “Zinc and Cerium” as being recent culprits.  Microsoft said that Strontium has been using password spray and brute force login attempts to steal login credentials, Zinc has been using spear-phishing lures for credential theft, and “sending messages with fabricated job descriptions pretending to be recruiters”.  Microsoft also reported that Cerium had been using “spear-phishing email lures using COVID-19 themes while masquerading as World Health Organisation”.

What Does This Mean For Your Business?

State-sponsored attacks and attempted interference in the processes of other countries are now widespread, expected, and is an area of a kind of ongoing ‘warfare’ that all countries must deal with. COVID-19 has severely damaged economies and laid waste to many businesses.  Getting effective vaccines approved and into the population of many countries is a vital step in enabling businesses to have a chance of finding more stability and making a recovery and, therefore, attacks on vaccine-makers are clearly a real cause for concern.  This is one of the reasons why Microsoft’s President Brad Smith, has recently called for more to be done by world leaders to take action to uphold international law that protects health care facilities and to enforce the law in attacks by government agencies and criminal groups that governments facilitate/enable to operate.

You May Also Like…

0 Comments

Why Choose Pronetic

We Are ISO 27001 & Cyber Essentials Plus Certified

Be reassured that we have been externally audited. You can have complete peace of mind that the team managing your IT systems and safeguarding your data are independently vetted annually.

Seamless & Comprehensive IT Support

Our investment in people, tools and processes, continuously improved, ensures that we don’t just deliver exceptional I.T. support but include your compliance to Cyber Essentials or ISO 27001 “baked-in”. Yes, that means no more annual headaches and stress when your certification comes round.

Expert Support Money Back Guarantee

We're confident in the value we deliver. That's why we offer a 90-day, no-quibble money-back guarantee. If, for any reason, you're not completely satisfied with our IT support services, we'll provide a full refund and cancel your contract without any hassle.

Book Your Free IT Strategy Call Now!

Simply Fill In The Form Below To Receive Your Free IT Strategy Call:

By submitting this form, you consent to us using your personal information to contact you. For more information please see our privacy policy.