North Korea may have hacked into Pfizer servers looking for COVID data

Intrusion attempts on Pfizer servers have North Korea's fingerprints all over them, according to the South Korean NIS.
Enlarge / Intrusion attempts on Pfizer servers have North Korea’s fingerprints all over them, according to the South Korean NIS.

This morning, South Korean intelligence officials warned the country’s lawmakers of North Korean attempts to hack into a “local drug manufacturer” to illicitly obtain COVID-19 vaccine and treatment data.

As reported by The Washington Post, South Korean intelligence services committee member Ha Tae-Keung told reporters that the data sought included COVID-19 vaccine and treatment technology. Tae-Keung went on to say that South Korea detected a 32 percent year-on-year increase in North Korean cyber-attack attempts.

Pfizer has so far refused comment, leaving details vague on when the hack occurred or how successful it might have been. The newly reported hack attempts follow a spate of similar state-sponsored attempts against health organizations that Microsoft reported in November 2020. According to Microsoft, those attempts were made by Russian group Fancy Bear, along with North Korean groups Zinc and Cerium.

North Korea’s state media has not responded so far to the South Korean accusations. North Korea claims to be entirely free of COVID-19 infections—which should probably be evaluated alongside the country’s claims that Kim Jong-Il’s first-ever round of golf came in 38 under par or that successor Kim Jong-Un learned to drive at age 3 and beat champion sailing yacht racers at age 9.

Whatever the real COVID-19 infection numbers in North Korea may be, the country has requested vaccines and is scheduled to receive some 2 million doses of the AstraZeneca-Oxford University vaccine from a United Nations-backed Covax effort intended to deliver vaccines to the world’s least affluent and most vulnerable countries.

North Korea’s hackers have been up to more than just medical “research.” The country closed its border with China soon after the pandemic began, deeply impacting trade and undermining an already weak economy. A United Nations inquiry into a $281 million cryptocurrency theft from September 2020 points the blame at North Korea. The sanctions monitors who reported the theft to the UN Security Council painted them as merely the latest in a long string of similar attacks, with similar thefts from banks and crypto exchanges netting North Korea an estimated $2 billion in 2019.

The sanctions monitors accuse North Korea of largely using the stolen funds to finance nuclear and ballistic missile research programs.