Around the world, coronavirus research units and vaccine manufacturers are experiencing cyber attacks. Gaps and vulnerabilities in technological infrastructure enable these activities. The increase in attacks on critical organizations is worrisome. If further cyber attacks are successful, what will become of public trust? Will these organizations still be perceived as purveyors of a public good?
An increase in attacks
Legal authorities and cyber security vendors have both issued warnings concerning a surge in coronavirus-related security threats. In January, the South Korean National Intelligence Service (NIS) denoted a potential threat by North Korean hackers. According to Reuters, South Korean firms involved in coronavirus vaccine development managed to successfully thwart these threats.
Swedish, Indian, French, UK, Canadian and US-based vaccine manufacturers have also experienced cyber threats. While these organizations may not have been critically compromised, defending against intrusions is a must. Partnering with competitors when it comes to threat intelligence can help protect everyone.
What experts say
“…Attacks currently seem to be mainly coming from government-backed hacking groups…they are not yet reported to have impacted to the extent that the public have been put at serious risk of harm or vaccination effort unduly disrupted,” says data protection and cyber security expert, Mark Hendry. Nonetheless, the attacks could lead to supply chain disruptions and other untoward consequences.
Why are hackers zeroing in on scientific groups?
Geopolitical aggression and interest in the theft of intellectual property are key reasons. Nation-state backed hacker rings may pinch intellectual property for their own nation’s gain or to sell to others.
Prior to the coronavirus pandemic, healthcare represented one of the top three sectors targeted by cyber attackers. Stealing health research information can help nation-states lower their own research costs. Nation-states can then potentially introduce vaccines or therapeutics to their populations more quickly than they would have otherwise. This also serves to increase internal political stability.
In these instances, the stolen information is unlikely to harm global public health initiatives. Rather, nation-state backed hackers may operate with the goal of curing their own nation’s ills without depending on Western countries.
“The potential harm here is limited to commercial harm…,” says Mike Chapple, a former computer scientist for the US National Security Agency and professor of cyber security at the University of Notre Dame.
Stolen vaccine doses
The dark web is awash with merchants who are purportedly selling coronavirus vaccines. Cyber security researchers have found that these advertisements are scams; the vendor takes the money and runs. Yet, given recent events, are all dark web advertisements for the coronavirus vaccine fake?
Now that the vaccine is more than an abstract concept, and exists in real pharmacies, the FBI and police are reporting that vaccine doses in the US have gone missing. In one case, a vaccination-site reported that three vials of the vaccine had disappeared. Altogether, the three vials are worth roughly $1,500. Will they surface on the dark web?
Investigations into fake and illegal vaccine offerings are ongoing worldwide. Last month, 80 individuals were arrested for profiting from fake vaccine sales. In the US, Department of Homeland Security officials seized roughly $33 million in illegitimate gains from coronavirus vaccine fraud attempts.
Pandemic response organizations
If your organization is part of the global pandemic response, the time to revisit your cyber security infrastructure is now. Seek out high-impact, custom-tailored insights. In the interest of protecting both your organization and public health at-large, ensure that your organization is secure.
For in-depth cyber security information, check out Cyber Talk’s whitepapers.