North Korean hackers have targeted half a dozen companies working on SARS-CoV-2 vaccines, according to the Wall Street Journal.
It reports that companies in the US, UK, and South Korean were targeted by phishing-based campaigns to gather sensitive information on their vaccine development efforts, possibly with an eye toward selling or weaponizing the information. According to the Journal, the hackers went after Johnson & Johnson and Novavax in the US; AstraZeneca in the UK; and Genexine, Shin Poong Pharmaceutical, and Celltrion in South Korea.
Some of the companies tell the Journal they were aware of the attacks or knew of threats, and the Journal notes that it is not clear whether the hackers obtained any data. It adds that the hackers' digital footprints were similar to previous attacks on the State Department and South Korea's unification ministry.
In May, the UK's National Cyber Security Center and the US Department of Homeland Security Cybersecurity and Infrastructure Security Agency issued a joint advisory that warned of hacking threats against vaccine developers. Additionally, in July, Western intelligence agencies announced that the Russian hacker group Cozy Bear was targeting COVID-19 research, including vaccine research, and later that month, the US charged two individuals who have worked both for themselves and for the Chinese Ministry of State Security with stealing trade secrets in connection with hacking vaccine developers.