- Anonymous sources claim that there’s evidence North Korean hackers target ‘AstraZeneca’ persistently.
- The threat actors are using the common trickery that involves fake job offers via LinkedIn.
- The North Korean state has not commented on these reports and has previously denied any involvement in similar cyber-attacks.
North Korean hackers have been aggressively targeting British pharma firm ‘AstraZeneca,’ which has been in the spotlight recently for the development of an effective COVID-19 vaccine. However, the worst part of this news is that it doesn’t come as a shock or a revelation, not even in the slightest sense.
Hackers targeting vaccine makers is something that has been going on since the very beginning of the research for a drug and never really stopped, gradually pushing the public in a state of indifference towards these otherwise grave reports.
Even the trick used by the hackers is typical of what North Koreans have been doing online for over a year now. The actors create fake LinkedIn accounts to impersonate high-ranking HR personnel from other pharmaceuticals, supposedly offering a very alluring job opportunity to their targets.
The staff who believes the offer is real accepts to download documents that purportedly contain full job descriptions and salary details, but which are nothing else than macro-ridden files. Upon opening these documents and enabling content on the office suite, malware is dropped onto the victim's computer, which - hopefully for the actors - is on the firm's premises or connected with the corporate network.
Skillful threat actors know how to take things further once they find their way inside networks through even a single computer, so tricking even a single employee of AstraZeneca would be enough for them. According to a Reuters report, the hackers actually targeted quite a few people, including scientists who worked in the COVID-19 vaccine research teams. However, none of these attempts were successful, as the AstraZeneca staff is well-informed about these methods and knows how not to fall for the trap.
Officially, the North Korean state has previously denied any connection to cyberattacks that have been attributed to hacking teams operating from within the country and denied to comment anything about these latest attacks against AstraZeneca. The British company remained silent about these events too, and Reuters claims to have anonymous insider info on the above details.
As for the vaccine itself, AstraZeneca has reached an efficacy of around 70% but is currently investigating a dose-related puzzle that takes the efficacy way higher when a smaller dose is administered. As it seems, hackers would love to know the details before the firm gets to hold a press release.