James Comey tells cybersecurity summit that November hack was traced to IP addresses used exclusively by North Korea.
South Korea’s intelligence agency says North Korea attempted to steal information on coronavirus vaccines and treatments by hacking Pfizer, the US pharmaceutical firm whose highly effective COVID-19 vaccine is being given to millions of people around the world.
North Korea has been under self-imposed isolation since closing its borders in January last year and leader Kim Jong Un has repeatedly insisted that the country has had no coronavirus cases.
Seoul’s National Intelligence Service “briefed us that North Korea tried to obtain technology involving the COVID vaccine and treatment by using cyberwarfare to hack into Pfizer,” Ha Tae-keung, an opposition member of South Korea’s parliamentary intelligence panel, told reporters.
Ha did not elaborate on the timing or success of the attempt. His office confirmed his comments but gave no details.
Pfizer’s offices in Asia and South Korea did not have an immediate comment.
Tuesday’s revelation follows attempts last year by suspected North Korean hackers to break into the systems of at least nine healthcare companies including Johnson & Johnson, Novavax and AstraZeneca.
South Korea’s National Intelligence Service (NIS) has said it also foiled attempts by its neighbour to hack into South Korean firms developing coronavirus vaccines.
Digital espionage directed at health agencies, vaccine scientists and pharmaceutical makers has surged during the COVID-19 pandemic.
North Korea is often accused of turning to an army of hackers to make money as international sanctions imposed for over its nuclear weapons programme make it almost impossible for the country to trade and health experts say its motivation for attacking the vaccine developers may be to sell the stolen data rather than develop its own vaccine.
A United Nations report last month said that North Korea-linked hackers “continued to conduct operations against financial institutions and virtual currency exchange houses to generate revenue” in 2020 to support its nuclear and missile programmes. The total theft amounted to nearly $320m, it said.
Pfizer’s vaccine, developed jointly with Germany’s BioNTech, uses cutting-edge technology and began winning approval from authorities late last year before being rolled out across the world.
The two companies said in December that documents relating to their vaccine were “unlawfully accessed” during a cyberattack on a server at the European Medicines Agency (EMA), the EU’s medicine regulator.
The comments came after the Amsterdam-based EMA said it had been the victim of a hacking attack, without specifying when it took place or whether its work on COVID-19 was singled out.
North Korea is expected to receive nearly two million doses of the vaccine developed by AstraZeneca and Oxford University by the first half of this year as part of the WHO or World Health Organization-backed COVAX vaccine-sharing programme.
It has not confirmed any cases of COVID-19 so far, but the NIS has said an outbreak could not be ruled out given the North’s close relationship with China.
Pyongyang’s hacking activities first came to global attention in 2014 when it was accused of hacking into Sony Pictures Entertainment as revenge for The Interview, a satirical film that mocked leader Kim.
The attack resulted in the posting of several unreleased movies as well as a vast trove of confidential documents online.
The North is also accused of a huge, $81m cyber-heist from the Bangladesh Central Bank, as well as the theft of $60m from Taiwan’s Far Eastern International Bank.
Pyongyang’s hackers were also blamed for the 2017 WannaCry global ransomware cyberattack, which infected some 300,000 computers in 150 nations, encrypting user files and demanding hundreds of dollars from their owners for the keys to get them back.
Pyongyang has denied the accusations, saying it has “nothing to do with cyber-attacks”.