EU organization in charge of approving the COVID-19 vaccines were interrupted by Hackers. That’s what the European Medicines Agency (EMA) said.

What’s more daunting, is that the global spear-phishing campaign responsible for such interruptions isn’t new. They have been targetting distribution companies since September 2020.

That’s part of what we have learned from new researches. Want to know more?

 

Hackers Interrupt Distribution of COVID-19 Vaccines

A short statement was posted on the agency’s website, where they disclose the security beach, but don’t reveal details about the intrusion.

This is because the investigation is still ongoing.

So far, the biggest alert we have, is that both BioNtech (German pharma company) and U.S. partner Pfizer had coronavirus vaccine’s data “unlawfully accessed” during the same cyberattack to the European Medicines Agency servers. This one is based in Amsterdam.

When we talk about “data”, then we refer more specifically, to “documents relating to the regulatory submission for Pfizer and BioNTech’s candidate: BNT162b2.”

The Agency has been considering conditional marketing requests for a few coronavirus vaccines to be used in the whole European Union. That’s what they said earlier Wednesday.

But once again, refused to extend the details while the investigation is happening.

Only one statement was added: that either BioNTech or Pfizer systems were breached in this particular incident, and also, that any study participants got their data breached as consequence. 

The operation scaled enough to be attributed to the IBM Security X-Force team of research, which claimed that the interrupting attacks were aiming at the vaccine cold chain. 

It means, companies that take care of the storage and safe delivery of the vaccine.

The US CISA: Cybersecurity and Infrastructure Security Agency issued an alert that urged Operation Warp Speed organizations to review the “indicators of compromise” and scale up their defenses

A lot of attention is on BioNTech and Pfizer companies, which are the first ones to get emergency authorization for the vaccine’s distribution.

They were sent to Britain last week and to Canada on Wednesday. In the meantime, the U.S. FDA would have to submit approval on Thursday. 

Remember when I said this wasn’t the first time a company linked with covid-19 vaccines was targeted by bad actors?

Well, Microsoft said last month that it has detected state-backed Russian hacking attempts, as well as North Korean hackers that were trying to steal data from vaccine company’s researchers.

For the moment, the targets are located in Canada, France, India, South Korea, and the US.

Microsoft spokesperson said, they are wanted for being “directly involved in researching vaccines and treatments for COVID-19,” but it didn’t mention any names.

It appears that the ultimate goal was to harvest the researcher’s usernames and passwords to steal intellectual property.

According to Reuters and the Wall Street Journal, the list of companies targeted by hackers includes Johnson & Johnson, Novavax, Genexine, Shin Poong Pharmaceutical, Celltrion, AstraZeneca, Moderna, and Gilead.

An example of this is how suspected North Korean hackers targeted AstraZeneca (British drugmaker) by disguising as recruiters with fake job offers on both LinkedIn and WhatsApp, to trick employees into sending personal documents, gaining access into the system.

That would suggest that the hacking activity is mostly related to intelligence gathering, and not exactly research disruption, as it was believed. 

Either way, that only means one thing: If hackers can bypass multi-billion companies’ security layers, then it probably can overcome your business’ one as well.

Do you want to keep it this way or would you like to know how to change it?

I hope you make the right choice.