Covid-19 has caused an increase in cybersecurity threats to vital organizations that deal with vaccine technology, its production, and distribution. The most advanced criminals are targeting hospitals, pharmaceutical companies, academic institutions, and health organizations to access any data connected to a possibility to tackle the pandemic that swiped the globe at the beginning of last year. It is in the economic, social, and health interest of several nation-states to get their hands on the data that can help them come in front in the race for the first effective cure. This week, it was reported that North Korea has targeted another organization to access information about the Covid-19 treatments and vaccine, highlighting cybersecurity threats.
Did North Korea Hack Pfizer And Access The Vaccine Information?
On Tuesday, the South Korean intelligence service reported that the North Korean hackers tried to access information about the Covid-19 vaccines and treatments. The initial reports stated that the vaccine targeted was Pfizer Inc. The information surfaced after Ha Tae-Keung, a member of the Korean parliament’s intelligence committee spoke out early on Tuesday and said that the National Intelligence Service told the lawmakers (him included) that Nort Korea hacked Pfizer in order to obtain technology details about the Covid-19 vaccine. Having said that, when the NIS came out with their own statement later that day, they said that no specific pharmaceutical company was named at the briefing for the lawmakers.
Ha Stands By His Word And Claims Pfizer Is The Company Targeted By The Cyber Attack
In a request for comment by the Associated Press, Ha stood by his word and claimed that NIS documents clearly stated that, “North Korea stole Pfizer (vaccine information) and attempted to steal (technology) from South Korean vaccine and pharmaceutical firms.”
He later added that the notion of Pfizer “was so clear that I didn’t even ask about that verbally”. Ha is an executive secretary for the intelligence committee and his responsibilities include briefing the information discussed at the closed-door meetings to the parliament and the press.
Pfizer’s South Korean office commented on the latest news saying that it was checking the allegations by Ha with the global headquarters of the pharmaceutical giant.
North Korea Linked To Several Cyber Attacks
North Korea has denied any involvement with the hack, however, it has previously been linked with several large-scale cyberattacks and experts agree that accessing the Covid-19 vaccine data is of vital importance to the country led by Kim Jong-Un. Although officially, North Korea remains one of the few countries that have not reported any Covid-19 cases, outside experts are very skeptical about these revelations.
While Kim Jong-Un refuses to admit that Covid-19 is a current health threat in North Korea, the country is in the line to receive almost 2 million doses of the AstraZeneca/Oxford vaccine that were manufactured in India.
North Korea’s borders have been closed since January 2020, soon after the first serious cases of the virus began to be reported by the Chinese news.
Cybercriminals In Russia And North Korea Pose Cybersecurity Threats To Vaccine Development
Already in November, Microsoft and a series of health organizations including Pfizer have admitted they were targeted by state-backed cybercriminal organizations in North Korea and Russia. Back then, it was reported that most of the attacks failed, however, Microsoft warned that some of the hacks were successful.
While North Korea is likely the most hermetic and closed society, it has an advanced cyber sector that it has previously used to target other countries. Thus, it was expected early-on that when it comes to illegally accessing Covid-19 vaccine technology information, North Korea will be one of the most active players.
Increased Overall Cybersecurity Threats In The Face Of Vaccine Development (Excluding North Korea)
Apart from the recent threats from North Korea, security experts, in general, are facing the increased wave of attacks that are targeting the technology behind the Covid-19 vaccine and the distribution process. The lengthy and complicated supply chain that is involved in producing and distributing the vaccines creates a myriad of opportunities for cybercriminals.
Security Levels Raised To Maximum: Is That Enough?
The levels of security intended to limit the threat of cyber attacks have been raised to the maximum. However, it seems these heightened security levels may not be enough. First of all, as experts are getting smarted with their defenses, cybercriminals are getting smarter with ways to go around them. Moreover, the targeted organizations include third parties and business partners of the pharmaceutical companies and these often have lower security levels. The organizations in particular danger include biomedical laboratories, hospitals, drug manufacturers, and academic institutions.
Countries Like North Korea Try To Develop The “Ideal” Vaccine, Hence, The Cybersecurity Threats
In the global race to find an effective vaccine, distribute it to the sufficient part of the citizens and tackle the largest global crisis that we have been facing for years, countries try to find ways to seek an advantage over each other. Being the pioneer in tackling the Covid-19 pandemic leads to extraordinary health and economic benefits and thus, everybody wants to be first in developing the “ideal” vaccine.
What we have to remember is that nation-states that want to use economic espionage are out for billions of dollars worth of intellectual property. Thus, they are mobilizing the most advanced cyber attackers. It is not just about the formula of the vaccine, any piece of information that details the trials or distribution, research proposals, drug development, manuscripts, virus testing, or manufacturing can be of high value to an organization or a nation-state that works on developing their own vaccine.
Attacks Will Get “Bigger And Bigger”
The global threat intelligence lead at IBM Security X-Force, Nick Rossman said, “We need to think about how big this attack surface is — it’s just going to get bigger and bigger.”
Rossman warns of the development of the hackers throughout the pandemic, “We’re seeing this continued campaign against the supply chain in particular. Now hackers are scoping out “companies or organizations that may not have been investing a ton in security but are now at the forefront of the distribution.”
Cybersecurity Threats To The Vaccine Can Lead To Serious Consequences
The Cybersecurity and Infrastructure Security Agency (CISA) continuously monitors the threats that have emerged as soon as the pandemic started. Every attempted attack can lead to serious consequences. Even something that may seem like a small, trivial delay in distribution leads to huge economic consequences and an increased death toll caused by the Covid-19 virus. To put it in perspective, at this point, almost 2.5 million people worldwide died of Covid-19, and 109 million cases have been reported. In the United States alone, approximately 500 000 people have died of Covid-19 and its complications since the pandemic began.
Josh Corman, chief strategist for health care and covid-19 says, “Adversaries [like criminal hackers] may not wish to cause loss of life or a national security event, but even something like ransomware can have an incredible impact,”
“Malicious intent is not a prerequisite to harm,” he adds.
If you like this article, you may also be interested in: