As US, Allies Rally Around Vaccine Effort, China's Own Ally Tries Sabotaging It


As the United States could be within weeks of a coronavirus vaccine rollout, one of America’s biggest enemies — and an ally of our biggest adversary — is seeking to disrupt our progress on COVID-19 immunization.

According to a Wednesday report in The Wall Street Journal, North Korean hackers have targeted six vaccine developers, including two in the United States.

Citing anonymous sources familiar with the matter, The Journal reported that Johnson & Johnson and Novavax, which are both working on experimental vaccines, as well as other companies had been the target of a hack attempt from Pyongyang-backed cybercriminals.

Three of the companies are based in South Korea: Genexine, Shin Poong Pharmaceutical Co. and Celltrion.

U.K.-based AstraZeneca, whose vaccine was developed in coordination with the University of Oxford, was also targeted.

NBA Superstar Makes 'Unprecedented' Move with Contract Extension: Giving Up Over $100 Million

It’s unclear how much useful data was siphoned off by the North Korean hackers. Of the six companies targeted, only one — AstraZeneca — has produced a market-ready vaccine that’s been shown effective in trials.

However, the attacks began in August, according to sources cited by The Journal.

North Korea itself would seem to have little use for the vaccine. Pyongyang has claimed it has zero cases of COVID-19. Whether or not that’s true, it likely doesn’t have the necessary technology to produce a vaccine for the novel coronavirus.

While state-run media in North Korea said the government was working on a vaccine for the virus in the spring, there’s about as much chance of that happening as there is of the image of the Elvis “randomly” burned into a piece of toast by a toaster actually having come through supernatural means — particularly given that Pyongyang has issues mass-producing toasters effectively, much less the most complicated and sought-after biotech product in the history of the pharmaceutical industry.

Is China our enemy?

That doesn’t mean that North Korea’s hacking apparatus — surprisingly advanced for a country that doesn’t have widespread Internet access — doesn’t have a reason for trying weasel its way into these companies’ networks.

“A more likely North Korean use for stolen intelligence on Covid-19 vaccines would be to sell it to a third-party drugmaker, likely in China, said Robert Potter, head of Internet 2.0, a cybersecurity company based in Canberra, Australia, who monitors Pyongyang’s hacking behavior,” The Journal reported.

“Another option, Mr. Potter added, would be to leverage knowledge of the targeted companies’ networks from the attacks to demand payouts in return for restoring access to encrypted files — a ransomware attack — or crash a company’s website.”

North Korea’s targets go beyond pharmaceutical companies, though. Hackers are also targeting the “cold chain” that ensures the vaccines arrive at their destination, particularly important given the low storage temperatures needed for the first batch of COVID-19 vaccines likely to be approved.

On Thursday, according to the Security Intelligence blog, IBM announced its X-Force global threat team had “recently uncovered a global phishing campaign targeting organizations associated with a COVID-19 cold chain. The cold chain is a component of the vaccine supply chain that ensures the safe preservation of vaccines in temperature-controlled environments during their storage and transportation.”

North Korean Troops Suffer Multiple Casualties After Attempting to Enter DMZ

“The adversary impersonated a business executive from Haier Biomedical, a credible and legitimate member company of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP program. The company is purportedly the world’s only complete cold chain provider,” the post read.

“Disguised as this employee, the adversary sent phishing emails to organizations believed to be providers of material support to meet transportation needs within the COVID-19 cold chain. We assess that the purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution.”

According to The Journal, the hackers come from a group identified by the moniker “Kimsuky” by the U.S. government.

“For the Covid-19-related attacks, Kimsuky operatives attempted to lure in victims with phishing tactics,” The Journal reported.

“The hackers would pose as colleagues or trustworthy acquaintances by creating fake email accounts, then send out messages with benign-looking attachments or links. If the recipients clicked on them, the hackers could gain access to their computers, and, thus, user IDs or passwords, the people said.

“The hackers had six companies listed either by name or with abbreviations such as ‘jnj’ for Johnson & Johnson, according to one of the people and materials reviewed by The Wall Street Journal.”

Where is China on this? Nowhere to be found, obviously.

And let’s be clear: China isn’t just an ally of North Korea, the country is also the Kim Jong Un regime’s biggest enabler. The United States also announced this week that China is helping North Korea evade United Nations sanctions. Again.

“In no other country do we see this breadth and depth of continuing illicit commercial activity with North Korea, the scale of which puts China in flagrant violation of its obligations,” said Deputy Assistant Secretary for North Korea Alex Wong, according to Reuters.

“They are seeking to revive trade links and revenue transfers to the North, thereby ensuring Chinese reach into the North’s economy.”

FBI Director Christopher Wray also told Congress that “China’s most prolific cyber actors” are also trying to hack into the networks of vaccine-makers, so it’s not just North Korea doing this.

“You’re correct that we are seeing efforts by our foreign adversaries to engage in cyber targeting of [coronavirus disease] vaccine research, testing technology, treatment technology, and efforts to disrupt our national response to the pandemic,” Wray said, according to Breitbart.

“This is a very, very real cyber threat that we’re contending with daily.”

China and its allies will go as low as they need to — if not to get vaccine information for themselves, then to sabotage other nations’ vaccine rollouts.

At a time when former Vice President Joe Biden is staffing a potential Biden White House with former State Department officials who didn’t think China was much of a threat during the Obama years, and pushed the “reset button” on Russia, Americans need to be deeply worried about whether a potential Biden administration will stand up to Beijing.

Truth and Accuracy

Submit a Correction →

We are committed to truth and accuracy in all of our journalism. Read our editorial standards.

, , , ,
C. Douglas Golden is a writer who splits his time between the United States and Southeast Asia. Specializing in political commentary and world affairs, he's written for Conservative Tribune and The Western Journal since 2014.
C. Douglas Golden is a writer who splits his time between the United States and Southeast Asia. Specializing in political commentary and world affairs, he's written for Conservative Tribune and The Western Journal since 2014. Aside from politics, he enjoys spending time with his wife, literature (especially British comic novels and modern Japanese lit), indie rock, coffee, Formula One and football (of both American and world varieties).
Morristown, New Jersey
Catholic University of America
Languages Spoken
English, Spanish
Topics of Expertise
American Politics, World Politics, Culture