Japanese Drug Firm Sees Drastic Increase in Suspicious Accesses to Systems

By Yoshiaki Takada and Toshihiro Maeda / Yomiuri Shimbun Staff Writers

12:45 JST, January 4, 2021

The amount of suspicious accesses to the computer system of KM Biologics Co., a Kumamoto-based pharmaceutical company that is developing a coronavirus vaccine, has increased drastically following the company’s announcement of its vaccine development, The Yomiuri Shimbun has learned.

The company has stepped up countermeasures and it has not confirmed any leaks. As companies worldwide scramble to develop a vaccine, this is another example of cutting-edge information being targeted.

The company, one of the top manufacturers of vaccines, develops “inactivated vaccines,” which involve injecting a person with a virus that has lost its infectious power to allow the person to develop immunity.

After KM Biologics announced the development of the vaccine on May 22 last year, there was a sharp increase in suspicious accesses to its system starting around July, according to the company. Sometimes, there were several hundred attempts per minute to break through the company’s firewall. Overall, the amount of suspicious accesses has doubled compared to before the announcement, and most of it originated overseas.

So-called “targeted email attacks,” which are emails containing viruses, have also been confirmed. The company said that information regarding KM Biologics’ emails may have been stolen from its business partners, and these email attacks may have been sent to the company’s employees.

“It could be a sign that they are planning a cyber-attack,” the company said. “The attacks may be targeting information related to the coronavirus vaccine.”

The company also stressed it has been taking appropriate measures to protect itself and said, “No damage or leaks have been confirmed.”

To further strengthen countermeasures, the company began using artificial intelligence in autumn last year to filter out suspicious emails.

In the near future, the company will begin operating a security operation center to intensively and continuously monitor its computer network. It will also increase the number of experts who respond to attacks.

■ Cyber-attacks launched worldwide

There have been cyber-attacks, one after the other, targeting coronavirus vaccines worldwide. The European Medicines Agency was hit by unauthorized access to vaccine information provided by U.S. pharmaceutical giant Pfizer Inc. and German pharmaceutical company BioNTech, which was being reviewed by the agency.

In Japan, the Health, Labor and Welfare Ministry issued a written alert to companies and research institutes in August last year, calling for them to take such measures as strengthening surveillance systems to detect unauthorized accesses and updating antivirus software.

“Attempts made to hack into a system are usually precursors of a full-scale cyber-attack,” said Motohiro Tsuchiya, dean of Faculty of Policy Management at Keio University who specializes in cybersecurity. “Attackers are relentless in their attacks, but society as a whole needs to fortify its defenses.”