[Donghwi Park, Professor of Military History, Department of Military History, Korea Army Academy at Yeongcheon] State-led espionage encompasses all areas, from acquiring political and military information to stealing economic-related information, including intellectual property rights. Above all, it is a serious issue directly linked to national security, which affects the survival of the nation. Coffee, first discovered in the Ethiopian highlands around 600?800 AD, crossed the sea to Yemen, where it began to be cultivated. Yemen recognized the value of coffee and prevented the export of green beans and coffee plants to maintain its exclusive status.
The reason why ‘Mocha’ was synonymous with coffee at the time was that coffee was sold only in the Yemeni port city of ‘Mocha.’ However, the Netherlands realized that coffee could be cultivated elsewhere if the environment was similar to Yemen’s. In 1616, they sent spies to Mocha, Yemen, and stole coffee plants with roots intact. Subsequently, coffee began to be produced worldwide, led by the Dutch colonies of Ceylon (the former name of Sri Lanka) and Java in Indonesia. Moreover, due to the Dutch espionage, Yemen lost its exclusive status as a coffee producer. Currently, Yemen is also the poorest country in the Arab world.
With the advent of the information age, state-led espionage has become easier and more frequent. Since early 2010, the Chinese government has been the most active in leading cyber espionage. Chinese hackers’ attacks have focused mainly on two strategic industrial sectors.
First, China has concentrated its attacks on the U.S. military and major defense contractors to acquire information on U.S. weapon systems. Second, U.S.-based IT companies leading the software industry are another target of Chinese hackers. In other words, China employs illegal strategies to steal key technologies through cyberattacks to compensate for areas where they lag behind Western countries. Specifically, in 2010, Google revealed that Chinese hackers attempted to hijack the Google account of a human rights activist. Companies such as Symantec, Adobe, and Northrop Grumman, which had major contracts with the U.S. Department of Defense and defense industries, were also attacked by Chinese hackers around the same time. In September 2014, the U.S. Senate Armed Services Committee reported that hackers linked to China had repeatedly infiltrated computer systems of U.S. airlines, companies holding critical industrial technologies, and defense-related firms. In 2019, the U.S. Navy and its partner companies were also found to have been attacked by Chinese hackers. Cyber espionage, which frequently occurs in the information age, can be considered a war between nations that seriously threatens national security.
During the COVID-19 pandemic, state-led cyber espionage has intensified. Global pharmaceutical companies are accelerating the development of vaccines and treatments to end COVID-19. However, developing vaccines and treatments is extremely challenging. As of March 2021, only 12 vaccines had been approved for general public use in at least one country. Moreover, due to limited production volumes, global vaccine distribution rates remain low, and there is a significant disparity in vaccine acquisition among countries depending on their economic power. Naturally, high-value vaccines and vaccine-related data have been absolute targets of state-led cyber espionage from the early stages of development.
In July 2020, the U.S. Department of Homeland Security announced that a hacking group affiliated with Russian intelligence agencies was targeting COVID-19 research institutions in the U.S., the U.K., Canada, and other countries. In the same month, the U.S. Department of Justice indicted two Chinese hackers for attempting to infiltrate the network of the U.S. biotech company Moderna. They were cyber warriors affiliated with China’s Ministry of State Security who had attempted to steal intellectual property from multiple countries over the past decade. Moderna was the most advanced company at the time, conducting Phase 3 COVID-19 vaccine trials on 30,000 people across 89 U.S. cities in July 2020. Fortunately, according to the DOJ indictment, the Chinese hackers attempted but failed to obtain vaccine-related data. Attacks aimed at acquiring vaccine information became increasingly blatant.
In November 2020, the British pharmaceutical company AstraZeneca faced intensive cyberattacks. Hackers linked to China, Russia, Iran, and North Korea each attempted to access AstraZeneca’s network. The primary attack method involved sending phishing emails embedded with malware to AstraZeneca employees to steal access credentials to the company’s network. Even more recently, in February 2021, it was publicly revealed that the U.S. pharmaceutical company Pfizer was targeted by North Korean hacking attacks. Pfizer is known for producing the safest and most effective vaccines.
Cyber warfare related to COVID-19 is not limited to cyber espionage. Recently, cyber warfare has shown signs of escalating into sabotage attacks on vaccine pipelines, transportation and storage, and vaccination systems, raising concerns. Sabotage refers to the intentional destruction of an opponent’s private or public property. In the pharmaceutical industry, a pipeline refers to the entire process from new drug research and development to clinical trials and approval. Around October 2020, a software development company used for clinical testing of coronavirus treatments was attacked by ransomware, aiming to deliberately disrupt vaccine production. Additionally, in December 2020, GAVI, the Global Alliance for Vaccines and Immunization leading COVAX, was also attacked. Unknown attackers targeted the vaccine supply chain, which requires maintaining proper temperatures during transportation. The cyberattack method involved sending phishing emails embedded with malware.
A cybersecurity company announced that although not definitive, the discovered malware was similar to those used by hackers from specific countries. If hackers succeed in attacking refrigeration systems controlled by Internet of Things (IoT) technology, the vaccines stored there could become unusable, leading to a terrible situation. Furthermore, cybersecurity experts have warned of the risks of malicious cyberattacks on vaccine registration lists and appointment systems.
The world is currently suffering greatly from COVID-19. On top of this difficult situation, cyber warfare between nations is intensifying. Some countries are conducting cyber espionage to steal information related to COVID-19 vaccines. Additionally, cyber sabotage aimed at deliberately disrupting opponents’ vaccine development, distribution, and vaccination efforts threatens national security. Therefore, to protect national security, governments and companies must unite and actively respond to cyber warfare issues related to COVID-19 vaccines.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
