The US pharmaceutical company Pfizer suffered a cyber-attack by the North Korean government aimed at obtaining information related to the vaccine and treatments against COVID-19. "The National Intelligence Service in Seoul informed us that North Korea tried to obtain technology related to the COVID-19 vaccine and treatment by using cyberwarfare to hack Pfizer," South Korean MP Ha Tae-keung told the AFP news agency.
It was not the only attempt by Pyongyang. South Korea's intelligence service claims that this is not the first time Kim Jong-un's government has tried to obtain inside information about a COVID-19 vaccine and that it has previously "thwarted its neighbour's attempts to penetrate South Korean companies that are developing vaccines against the coronavirus". These statements come after attempts to penetrate the operating systems of up to nine different companies since last year, including Johnson & Johnson, Novavax and Astrazeneca.
North Korea has been isolated for more than a year - January 2020 - when the leader decided to close the borders in the face of the threat posed by the virus from China. The official version is that not a single case of coronavirus has been reported in the entire North Korean territory, although experts have serious doubts about the veracity of this information. North Korea has requested the supply of vaccines from the COVAX solidarity mechanism, which is sending two million doses to the country. This mechanism is promoted by the World Health Organisation (WHO) and its function is to ensure the equitable distribution of the vaccine in all parts of the world.
The North Korean attack on Pfizer's website is one of many cyber-attacks that are being spurred by the arrival of the COVID-19 vaccine. Just under two months ago, in December 2020, the European Medicines Agency was the victim of an attack that resulted in the leak of confidential documents related to the treatment of the virus, as well as Pfizer - BioNTech vaccine information on the dark web, according to an Italian cybersecurity agency.
The European Medicines Agency was not affected in its operations or in the approval and evaluation of the various vaccines. What is certain is that the information was manipulated prior to publication and that this could have certain consequences for public opinion, as a European Commission source admitted that the information "was manipulated prior to publication online, to undermine confidence" in the immunisers. These files were posted on blogs and distributed via email by one of the hackers. Among those posted were names of officials and documents belonging to a secure information portal accessible only to authorised personnel.
Researchers from the US agency IBM announced the detection of other cyber-espionage attempts aimed, this time, at obtaining information on the distribution of vaccines in developing countries by the World Health Organisation. To do so, they used a strategy known as "spear phishing", which consists of impersonating a competent authority in order to obtain confidential information.