According to Reuters, suspected North Korean threat actors have carried out targeted cyberattacks against COVID vaccine frontrunner, AstraZeneca, by means of phishing links disguised as job offers.
The race to finding a vaccine for the ongoing COVID-19 pandemic is heating up. Many of the probable candidates are on the verge of concluding their third and last round of human trials. Some have already done that with more than 90% efficacy against the virus.
The Frontrunner AstraZeneca
One of the frontrunners in this race is the European candidate AstraZeneca Pharmaceuticals. Since the outburst of the pandemic, all eyes have been on this pharma giant because researchers at Oxford had already partnered with them prior to the pandemic to develop a vaccine on the previously known strain of SARS-CoV-2, the virus that causes COVID-19.
However, in late October, while the company claimed success with its second phase of human trials, it began to worry about another possible attack, but that of a computer malware. According to Reuters, suspected North Korean threat actors began attempting to break into the systems of the pharma giant, and the attacks only intensified by November 2020.
We Have a Job Offer for You!
According to sources, the threat actors disguised themselves as recruiters on social networking site LinkedIn and messaging platform WhatsApp, to approach AstraZeneca staff with fake job offers. These offers consisted of documents and links to malicious codes that downloaded malware that exfiltrated victim’s computers’ credentials and eventually granted access to their machine.
Reuters said that sources who spoke on condition of anonymity said, “the tools and techniques used in the attacks showed they were part of an ongoing hacking campaign that U.S. officials and cybersecurity researchers have attributed to North Korea. The campaign has previously focused on defense companies and media organizations, but pivoted to COVID-related targets in recent weeks.”
North Korea – The Problem Child
Cyberattacks against the health care industry, vaccine researchers, and pharma companies have sky-rocketed during the pandemic to tamper with the research of other countries. However, there is one name that keeps popping up now and then: North Korea. This is not the first time that North Korea has been linked to such cyberattacks. Previously, governments around the globe, including the U.K., the U.S., Russia, and their immediate neighbors South Korea have all been accused of carrying out such activities. The most infamous of the lot was the WannaCry attack on the U.K.’s National Health Service (NHS) in 2017, which led to grievous temporary damage to the network security of the NHS.