North Korean hackers are suspected to have tried to break into the systems of AstraZeneca, the company working on a COVID-19 vaccine with Oxford University, Reuters reported two people with knowledge of the matter as saying.
According to the report, the hackers targeted employees of the company with fake job offers, which were followed by documents purporting to be descriptions that were instead laced with malicious code that would have granted them access to the victims’ computer. Some accounts were linked to Russian email addresses, possibly to mislead investigators, Reuters quoted a source as saying.
According to the report, the attack was most likely unsuccessful and targeted a “broad set of people” including staff working on COVID-19 research.
How it was known that the hackers were from North Korea was due to US cybersecurity researchers attributing the tools and techniques to those of the hermit kingdom. While the country had earlier targeted defence and media organisations, it appears to have shifted focus to COVID-19 related targets, Reuters quoted sources as saying.
The likely goal may have been to sell the information for a profit.
Earlier, Reuters reported that hackers from Iran, China and Russia all had attempted to break into the systems of leading drugmakers and even the World Health Organisation.
With the vaccine race heating up as multiple companies post Phase-3 trial results, AstraZeneca’s vaccine is among the top candidates globally due to its relative ease of refrigeration.
The news comes amid reports that North Korean Supreme Leader Kim Jong-Un has grown angry over the country's response to the coronavirus, locking down the capital of Pyongyang and ordering the execution of at least two officials. Fishing and salt extraction at sea has reportedly been banned in a bid to prevent COVID-19 infecton, AP reported South Korean spy agencies as telling lawmakers.
Companies across the world have seen a rise in the number of cyberattacks as COVID-19 forces more businesses to turn to remote work—putting a lot of sensitive data at risk as it enters the ecosystem of people’s relatively less protected home networks.
