In continued cyber attacks on key pharmaceutical organisations researching on Covid-19 vaccines, a fresh wave of attacks by North Korean hackers have been spotted to be squarely targeting British pharma major, AstraZeneca. In the new attack tactic, hackers are said to be posing as recruiters on LinkedIn and WhatsApp, among the most popular communication platforms in the world. Using these, the hackers are seemingly targeting key individuals linked with AstraZeneca, and attempting to convince them into download e-documents that have embedded macros containing malware. While the exact make and nature of the malware used in the attack is not clear, the nature of the hacking attempt suggests the use of regular remote access trojan (RAT) – which allows attackers to infiltrate systems from a distance, lie undetected for long spans of time, and relay key data from a company’s internal servers to the hacker’s remotely controlled server.
While this is certainly not the first time that attackers are attempting to use Covid-19 as the main pivot to increase their hacking attempts, things have steadily gotten more sensitive. Major Covid vaccine research organisations have been facing significant cyber attacks, suspected to be state-backed threat actors looking to steal key data from the Covid vaccine trials and other crucial information. While the earlier crop of attackers were traced to be from China and Russia, the recent spur of activity is seemingly coming from North Korea. In an earlier report, we highlighted how the North Korean hacker collective, Lazarus, has been increasingly targeting Covid vaccine efforts around the world.
Some of the most notable attacks in recent times have come on USA’s Pfizer-BioNTech collaboration, and India’s Dr Reddy’s Laboratories. The latter faced extensive breach of data that led them to shut down major global plants and isolate their data servers in order to investigate the breach. AstraZeneca, on this note, has been one of the leading companies, which in partnership with the University of Oxford in UK has reached an advanced stage of their Covid vaccine trials. While its trials were hit by a data discrepancy and lack of consistency in the efficacy of the vaccine and its doses, it still holds crucial importance in what is a global fight against the coronavirus pandemic. The breakout of the novel coronavirus strain has held the world hostage for nearly a year now, and major vaccine efforts such as AstraZeneca, Pfizer, Moderna and Dr Reddy’s are looked upon as key to get the world back on the normal track.
As part of the latest hacking campaign, cyber threat investigators have noted typical schemes such as the hackers registering their used social media accounts with Russian email addresses, in a bid to mislead attempts to investigate the cyber attacks. On this note, it comes as a temporary reassurance to note that AstraZeneca has not reportedly any known breach of sensitive data from their servers. However, a climate of cyber vigilance remains of utmost importance going forward, as the Covid vaccine efforts appear set to enter mass deployment status in the coming months.