Hackers Target COVID-19 Vaccine Supply Chain

Philip Bader | Cybersecurity, Vulnerabilities

It’s been a tough year for cybersecurity in the health sector. Healthcare providers both big and small have been hit by ransomware attacks in 2020. As the United States and the United Kingdom ramp up distribution of COVID-19 vaccinations, some fear the new year will bring renewed cyberattacks that target vaccine supply chains.

A new report by the BBC notes that health professionals are relying on technology more than ever to manage distribution of new COVID-19 vaccinations. The unchecked spread of the virus makes these distribution efforts more critical than ever. And fears of new and more infectious strains put significant pressure on governments to protect vaccine supply chains.

A Complex and Vulnerable Supply Chain

Vaccine distribution has presented a number of logistical challenges. Distribution of the Pfizer vaccine requires continuous temperature monitoring during transport and storage. The company uses GPS-enabled thermal sensors to monitor the location and temperature of every vaccine shipment.

The logistical support needed for such a massive operation requires cooperation from numerous sectors. Health professionals, government officials, transportation crews, and local contractors all play a part in vaccine distribution. And each link in this chain could potentially be targeted by malicious actors.

Attacking the Vaccine ‘Cold Chain’

In early December, IBM announced it had found evidence of attempted attacks on the COVID-19 cold chain. A report said malicious actors coordinated a global phishing campaign that spanned six countries. The campaign specifically targeted executives and organizations with key roles in supply chain operations. The report added that the precision of the phishing campaign showed signs of being directed by a nation-state.

Malicious actors sent out emails posing as executives from legitimate organizations. The purpose, IBM said, could have been to harvest credentials and use them to penetrate corporate networks. Unauthorized access to these networks could allow cybercriminals to gather sensitive information about COVID-19 vaccine distribution.

As early as April 2020, the U.S. and U.K. governments warned of COVID-specific cybersecurity threats. A joint statement by the Cybersecurity and Infrastructure Security Agency and the National Cyber Security Centre urged increased vigilance. The statement said cybercriminals were targeting individuals and organizations with COVID-related scams and phishing campaigns.

It remains unclear who might be responsible for the recent targeting of the vaccine supply chain. But back in July, U.S. officials along with counterparts in the U.K. and Canada suggested that Russian hackers were actively targeting vaccine research. A press release from the U.K.’s National Cyber Security Centre specifically called out the group APT29, also known as Cozy Bear, for actively targeting vaccine researchers.

Several months later, Microsoft announced in a blog post that it had evidence of attacks on seven prominent organizations involved in COVID-19 vaccine research. The company said it had traced the attacks to known cybercriminal groups in Russia and North Korea. The attacks focused on groups actively involved at the time in vaccine clinical trials.

Weaponizing Health Data

Many agencies and organizations, including Microsoft, have publicly condemned the targeting of healthcare providers. Even several ransomware gangs said earlier in the year that they would avoid targeting healthcare providers. But those promises have been short-lived.

Protected healthcare information remains a valuable commodity for cybercriminals. Moreover, the threat of regulator fines for data breaches or fear for patient health can lead to quicker ransom payments. As healthcare becomes more dependent on digital devices, attackers also have more pathways for attack.
