For months, North Korean hackers have reportedly worked to infiltrate at least a half-dozen pharmaceutical companies across the globe.
Citing individuals familiar with the situation, the Wall Street Journal reported on Wednesday that North Korean hackers targeted Johnson & Johnson and Novavax, both based in the United States and working on COVID-19 vaccines.
Last week, it was reported that hackers also attempted to infiltrate pharmaceutical giant AstraZeneca, a company that says it has developed a vaccine with 90% effectiveness. Hackers posed as job recruiters on Linkedin and messaging app WhatsApp and tried to lure company employees into receiving malware, according to Reuters.
South Korean companies Genexine Inc., Shin Poong Pharmaceutical Co., and Celltrion Inc. were also targeted. It is unclear if North Korea was able to succeed in gleaning any information from the hacking attempts, which reportedly began in August.
In a statement to the Washington Examiner, a spokeswoman with Novavax said that while the company does not comment on specific cybersecurity activity, it is confident that it can “continue to progress with our COVID-19 vaccine candidate without disruption.”
“We are closely monitoring developments and continually in touch with and working with the appropriate government agencies and commercial cybersecurity experts to address any developments and threats that may emerge,” she said.
The specific North Korean hacking group believed to be behind the intrusions is a unit that the United States has referred to as “Kimsuky.” Kimsuky reportedly utilized phishing tactics through emails in an attempt to infiltrate the companies working on COVID-19-related research.
While it is unlikely North Korea would have the technological infrastructure to produce a vaccine from the hacked information, it could sell the companies’ data to a third-party buyer or perform a ransomware attack, Robert Potter, the head of Australia-based cybersecurity company Internet 2.0 told the Wall Street Journal.
North Korean hackers are purported to be behind the 2016 theft of $81 million from the Central Bank of Bangladesh and the leak of internal emails from Sony Pictures back in 2014.
On Tuesday, the State Department said it is “vital for governments, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea.”
The Washington Examiner reached out to Johnson & Johnson for comment but did not immediately receive a response.
