Suspected North Korean hackers have tried to break into the systems of British drugmaker AstraZeneca in recent weeks, two people with knowledge of the matter told Reuters, as the company races to deploy its vaccine for the COVID-19 virus.
The hackers posed as recruiters on networking site LinkedIn and WhatsApp to approach AstraZeneca staff with fake job offers, the sources said. They then sent documents purporting to be job descriptions that were laced with malicious code designed to gain access to a victim's computer.
The hacking attempts targeted a "broad set of people" including staff working on COVID-19 research, said one of the sources, but are not thought to have been successful.
The North Korean mission to the United Nations in Geneva did not respond to a request for comment. Pyongyang has previously denied carrying out cyberattacks. It has no direct line of contact for foreign media.
AstraZeneca, which has emerged as one of the top three COVID-19 vaccine developers, declined to comment.
Frequently Asked Questions
A vaccine works by mimicking a natural infection. A vaccine not only induces immune response to protect people from any future COVID-19 infection, but also helps quickly build herd immunity to put an end to the pandemic. Herd immunity occurs when a sufficient percentage of a population becomes immune to a disease, making the spread of disease from person to person unlikely. The good news is that SARS-CoV-2 virus has been fairly stable, which increases the viability of a vaccine.
There are broadly four types of vaccine — one, a vaccine based on the whole virus (this could be either inactivated, or an attenuated [weakened] virus vaccine); two, a non-replicating viral vector vaccine that uses a benign virus as vector that carries the antigen of SARS-CoV; three, nucleic-acid vaccines that have genetic material like DNA and RNA of antigens like spike protein given to a person, helping human cells decode genetic material and produce the vaccine; and four, protein subunit vaccine wherein the recombinant proteins of SARS-COV-2 along with an adjuvant (booster) is given as a vaccine.
Vaccine development is a long, complex process. Unlike drugs that are given to people with a diseased, vaccines are given to healthy people and also vulnerable sections such as children, pregnant women and the elderly. So rigorous tests are compulsory. History says that the fastest time it took to develop a vaccine is five years, but it usually takes double or sometimes triple that time.
The sources, who spoke on condition of anonymity to discuss non-public information, said the tools and techniques used in the attacks showed they were part of an ongoing hacking campaign that US officials and cybersecurity researchers have attributed to North Korea.
The campaign has previously focused on defence companies and media organisations but pivoted to COVID-related targets in recent weeks, according to three people who have investigated the attacks.
Follow our LIVE blog for the latest updates of the novel coronavirus pandemic
Cyberattacks against health bodies, vaccine scientists and drugmakers have soared during the COVID-19 pandemic as state-backed and criminal hacking groups scramble to obtain the latest research and information about the outbreak.
Western officials say any stolen information could be sold for profit, used to extort the victims, or give foreign governments a valuable strategic advantage as they fight to contain a disease that has killed 1.4 million people worldwide.
Microsoft said this month it had seen two North Korean hacking groups target vaccine developers in multiple countries, including by "sending messages with fabricated job descriptions." Microsoft did not name any of the targeted organisations.
South Korean lawmakers said on Friday that the country's intelligence agency had foiled some of those attempts.
Reuters has previously reported that hackers from Iran, China and Russia have attempted to break into leading drugmakers and even the World Health Organisation this year. Tehran, Beijing and Moscow have all denied the allegations.
Some of the accounts used in the attacks on AstraZeneca were registered to Russian email addresses, one of the sources said, in a possible attempt to mislead investigators.
North Korea has been blamed by US prosecutors for some of the world's most audacious and damaging cyberattacks, including the hack and leak of emails from Sony Pictures in 2014, the 2016 theft of $81 million from the Central Bank of Bangladesh, and unleashing the Wannacry ransomware virus in 2017.
Pyongyang has described the allegations as part of attempts by Washington to smear its image.
Follow our full coverage of the coronavirus pandemic here.