Government officials and health care groups are becoming increasingly alarmed at hackers targeting the vulnerable vaccine supply chains that will move the serum from the manufacturer to the public. There has apparently been an uptick in hacker activity from nation-states and criminals looking to take advantage of the vaccine rollout.
The goals of the hackers range from simple penetration to possible diversion of vaccine supplies. And as the date for a vaccine rollout becomes closer, the hacker activity is picking up.
“We have noticed an uptick in attacks against all aspects of the vaccine supply-chain from research through to manufacturing and distribution,” Marc Rogers, the executive director of cybersecurity at software group Okta, told The Hill on Friday.
Rogers, who helps lead the COVID-19 CTI League that tracks and helps defend against cyberattacks aimed at health groups, noted that the League has seen “ramped up” cyberattacks aimed at medical institutions corresponding to increasingly positive news around vaccine development.
“My suspicion is that all parties in the cybercriminal underground from ordinary criminals to nation states recognize that the vaccines represent a golden opportunity and are responding as such,” Rogers said.
Larger institutions like drug companies and major healthcare providers usually have millions of dollars invested in cybersecurity. But some of their suppliers are not well-protected at all and represent significant vulnerabilities in keeping the vaccines safe.
Cold storage groups — which are necessary for shipping and storing COVID-19 vaccine candidates at extremely low temperatures, such as one recently rolled out by Pfizer — have been increasingly in the crosshairs.
A report last week from IBM warned of a “global phishing campaign” targeting groups associated with cold storage for the COVID-19 vaccine process. Researchers wrote that “the precision targeting of executives and key global organizations hold the potential hallmarks of nation-state tradecraft.”
Those nation-states almost certainly include North Korea and China, who have brazenly hacked their way into every major American industry to mine for technology.
The worry of government and health care officials is that the third-party groups responsible for getting the vaccine that “last mile” to the American people don’t have the resources to protect themselves. Rail and truck transport has been targeted already. It’s here that law enforcement can help the most. These companies are working with the National Security Agency and the FBI to ensure that the Operation Warp Speed vaccine supply chain process remains secure from start to finish.
Some cyber experts are also concerned about patient data collection efforts by hackers piggybacking on efforts to hack the supply chain. These experts say that vigilance is necessary to prevent millions of records from being compromised.
We’re not home yet with the vaccine. There will be a limited supply for the first several months and mass immunizations are not expected until the spring. Until then, keeping the hackers at bay will be a 24-7 job.