Covid vaccine: North Korean hackers ‘target’ Oxford-AstraZeneca project

Samuel Lovett
·3-min read
 (AFP via Getty Images)
(AFP via Getty Images)

North Korean hackers have reportedly targeted the coronavirus vaccine project led by Oxford University and AstraZeneca in recent weeks.

The hackers, who posed as recruiters on LinkedIn and WhatsApp, approached AstraZeneca staff with fake job offers, according to Reuters. They then sent documents purporting to be job descriptions that were encrypted with malicious code designed to gain access to a victim’s computer.

It is thought the attempts to access sensitive material targeted a number of research staff but were ultimately unsuccessful.

Boris Johnson’s official spokesperson refused to comment on the reports but told a media briefing on Friday: “Working alongside our allies, the NCSC [National Cyber Security Centre] is committed to protecting our most critical assets, the health sector and crucial vaccine research and development against threats.”

Some of the accounts used in the attacks on AstraZeneca were registered to Russian email addresses, a source told Reuters, in a possible attempt to mislead investigators.

This is not the first time that British Covid projects have been subject to hacking attempts.

In July, security minister James Brokenshire said the government was “more than 95 per cent” sure that Russian state-sponsored hackers targeted a number of UK, US and Canadian organisations involved in developing a coronavirus vaccine.

Mr Brokenshire said the NCSC and its counterparts in the other countries were confident “Russian intelligence agencies” were responsible for the attacks on drug companies and research groups.

However, the government has refused to be drawn on the latest cyber attack, which, according to US officials and researchers, is part of an ongoing hacking campaign attributed to North Korea.

The campaign has previously focused on defence companies and media organisations but pivoted to Covid-related targets in recent weeks, according to three people who have investigated the attacks, Reuters said.

Cyberattacks against health bodies, vaccine scientists and drugmakers have soared during the Covid-19 pandemic as state-backed and criminal hacking groups scramble to obtain the latest research and information about the outbreak.

Western officials say any stolen information could be sold for profit, used to extort the victims, or give foreign governments a valuable strategic advantage as they fight to contain a disease that has killed 1.4 million people worldwide.

Microsoft said this month it had seen two North Korean hacking groups target vaccine developers in multiple countries, including by "sending messages with fabricated job descriptions". Microsoft did not name any of the targeted organisations.

South Korean lawmakers said on Friday that the country's intelligence agency had foiled some of those attempts.

Hackers from Iran, China and Russia have also attempted to access material from the World Health Organisation throughout the pandemic, according to reports. Tehran, Beijing and Moscow have all denied the allegations.

North Korea has been blamed by US prosecutors for some of the world's most audacious and damaging cyberattacks, including the hack and leak of emails from Sony Pictures in 2014, the 2016 theft of £60.4m from the Central Bank of Bangladesh, and unleashing the Wannacry ransomware virus in 2017.

Pyongyang has described the allegations as part of attempts by Washington to smear its image.

The Independent has contacted both Oxford University and AstraZeneca for comment.

Additional reporting by Reuters

Read More

Downing Street tried to have Covid vaccine branded with Union flag

AstraZeneca chief admits Oxford vaccine needs ‘additional study’

Experts call for clarity and caution over Oxford vaccine trial results