FDAnews
www.fdanews.com/articles/200282-north-korean-hackers-target-pharma-companies-developing-covid-19-treatments

North Korean Hackers Target Pharma Companies Developing COVID-19 Treatments

December 3, 2020

The global police organization Interpol issued a warning yesterday to countries to prepare for a new wave of organized criminal activity, including cyber hacking of drugmakers as governments prepare to ship their vaccines.

There have been reports that North Koreas has been hacking drugmakers working on COVID-19 vaccines, reportedly including U.S. companies Johnson & Johnson and Novavax, UK-based AstraZeneca and South Korea’s Genexine, Shin Poong Pharmaceutical and Celltrion.

The fear is that North Korea could attempt to sell or weaponize any data it hacks. Publicly, it has said it has no cases of coronavirus in the country and its lack of a modernized drug infrastructure makes it unlikely it could use any hacked info to produce a vaccine.

While the State Department declined to offer specifics on the vaccine issues, a spokesperson told FDAnews, “North Korea’s malicious cyber activities threaten the United States and countries around the world. North Korea poses a significant cyber threat to financial institutions, remains a cyber espionage threat, and retains the ability to conduct disruptive cyber activities.

Novavax declined to comment on specific hacking activity but told FDAnews that its cybersecurity team “ is aware of ongoing foreign threats identified in the news” and that the company is “confident we can continue to progress with our COVID-19 vaccine candidate without disruption and that these incursions do not pose a risk to the integrity of our data.”

Johnson & Johnson also refused to discuss specifics, but said it is “continually monitoring for activities that would put the systems and data that we are entrusted with at risk” and that it has “robust systems and processes in place.”

AstraZeneca did not respond to a request for comment.

The Justice Department, which has charged North Korean state-backed hackers with perpetrating serious cybercrimes including the 2017 WannaCry and 2014 Sony hacks, did not respond to a request for comment. ― Jason Scott