Cybercrime has increased since the beginning of the COVID-19 pandemic, with hackers becoming heavily resourced, especially now that nations across the world are in the implementation stages of rolling out vaccines.
Hackers have found sophisticated ways to target organisations that hold valuable data, such as data on vaccine development and trials. Here are five cybersecurity threats to the COVID-19 vaccine:
1. Cyber Espionage to Steal Vaccine Data
A viable vaccine is valuable intellectual property. Beyond the pharmaceutical formula itself, even data on testing and drug trials can be valuable to an organisation working to develop its own drug. With countries struggling to secure an effective vaccine, such data is a tempting target.
In late 2020, North Korean cyber attackers reportedly targeted the vaccine maker AstraZeneca in the UK. They apparently used spear-phishing via social media to try to inject malware by way of job description documents. Over the summer, Russian cyber attackers were also detected in a vaccine theft attempt.
Threat actors on the hunt for vaccine data are advanced cyber attackers, either working for or hired by nation-states. This makes them the most capable and well-resourced threat that organisations could face.
2. Sabotage the Vaccine Pipeline
In October 2020, a large US clinical trial software manufacturer involved in coronavirus drug testing experienced a ransomware attack. The malicious software was designed to be more crippling than ransomware, not just encrypting data but wiping it out permanently.
The cooling systems required by vaccines are also vulnerable to cyberattack, especially if they are tied to IoT controls. Over the years, IoT systems have had very poor security controls and have often been subverted and infected by malware.
Cybercriminals could stand to make a lot of money by slowing or crippling vaccine distribution efforts. But it also would be easy for competitor nation-states to use ransomware (and cybercriminals) to conceal other sinister moves such as slowing down a nation’s recovery.
3. Using Stolen Vaccine Data for Disinformation
In October of 2020, the Centre for Countering Digital Hate reported that 50 million people follow anti-vaccine groups on social media. In January of 2021, regulatory data regarding the COVID-19 vaccine was stolen by cyber attackers, reportedly to fuel disinformation campaigns.
In the past, F5 Labs wrote about how hacktivists can use doxing (the unauthorized release of private or personal information) to intimidate or embarrass an opponent. It also noted that leakers can release carefully curated and incriminating emails or confidential documents, which can be effective against organizations or public figures. Sometimes they will modify leaked vaccine data prior to publication in an attempt to sow disinformation.
4. Vaccine Cyber Thieves
The most proficient attackers are hostile nation-states that use misinformation to slow down vaccinations. The attackers’ goal here is to violate confidentiality by stealing data for disclosure. They may modify that stolen data to help sway opinion.
The targeted assets are the same as the cyber espionage attacker’s, most notably research data, virus testing, and clinical trials that show side effects or potential problems.
Most targeted organizations will be subject to regulation and intellectual property protection. However, their connections with third parties can expand the attack surface.
Furthermore, individual researchers’ personal accounts, such as home emails, are also potential targets. These could perhaps hold personal notes expressing vaccine doubts, which attackers could use to influence opinion.
5. Hacking the Vaccine Appointment System
The likely attackers here would be individuals with hacking skills and cybercriminals looking to sell vaccine access. Their capabilities would be variable but tending toward the lower end of the scale. There is a profit to be made, but it’s not as lucrative and easy as other cybercrime schemes. The ultimate goal is to weaken the integrity of the appointment system by unauthorized modifications or additions to the waiting list.
The controls around the vaccine registration systems are likely to be highly variable, but also tending towards the higher side, as they are also regulated medical systems.
Evidence of this type of criminal activity is starting to emerge. For example, a healthcare provider in Michigan recently cancelled 2,700 vaccine appointments after a breach allowed people to cut in line. The attempt failed, and the likelihood of similar successful attacks remains on the low side. There is a considerable risk of getting caught. Less traceable methods of getting early access to vaccines, like bribing medical professionals, are more likely.
By Raymond Pompon, Director of F5 Labs