• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » The crucial role of cybersecurity in the COVID-19 vaccine distribution

The crucial role of cybersecurity in the COVID-19 vaccine distribution

by Jurgita Lapienytė
16 December 2020
in Security
0
coronavirus covid 19 infected patient in coronavirus covid 19 quarantine room with quarantine and outbreak alert sign at hospital with blurred disease control experts

The crucial role of cybersecurity in the COVID-19 vaccine distribution. (c) Shutterstock

31
SHARES

With more than 73 million coronavirus cases worldwide, the COVID-19 vaccines offer potential relief. Yet, as many organizations are getting involved in their distribution worldwide, the attack surface for cybercriminals expands, and it worries cybersecurity experts.

COVID-19 has already accelerated cybersecurity risks to unprecedented levels. Now, as countries begin to vaccinate their populations, malicious actors are preparing to hack supply chain distributions, experts claim.

Criminals have been breathing down the vaccine researchers’ necks since they’ve started vaccine development. In July, it was reported that state-sponsored hackers from China, Russia, Iran, and North Korea were engaged in concerted attempts to steal vaccine secrets. In November, news that Russia and North Korea were targeting COVID-19 vaccine research surfaced.

And recently, IBM published an unnerving report about how criminals are trying to disrupt the distribution of COVID-19 vaccines. IBM reported that it had uncovered a global phishing campaign focused on organizations associated with the COVID-19 vaccine “cold chain” – the process needed to keep vaccine doses at minus 70 degrees Celsius to avoid spoiling as they travel from manufacturers to the recipients.

At the moment, countries are trying to figure out logistics, and more companies are getting involved in the vaccine distribution process. It means that the attack surface for hackers has increased, and they are highly likely to attack some of the companies just for financial gain.

How badly could a successful cyberattack damage the vaccine distribution chain? And how can organizations prevent these attacks from happening? To discuss these and other questions, CyberNews sat down with Elizabeth Mann, EY Americas Health and Life Sciences Cybersecurity Leader, and Susan Garfield, EY US Consulting Principal, and Life Sciences Sector Commercial Lead.

What are the criminals after?

First, we’ve got to learn that state-sponsored hackers were trying to steal vaccine secrets. Recent reports, released by numerous third parties, allow Elizabeth Mann to assume that most of the attacks are financially motivated.

“It’s worth noting that there’s a significant financial gain from ransomware attacks on critical systems. However, in the health sector, the theft of intellectual property, proprietary research, and exclusive methods is the threat vector that we have seen on a nation-state level,” Mann told CyberNews.

Disruption is a less common motive, and although one could imagine actors looking to create chaos, there is not a clear path to monetizing it, Mann explained.

It’s worth noting that there’s a significant financial gain from ransomware attacks on critical systems. However, in the health sector, the theft of intellectual property, proprietary research, and exclusive methods is the threat vector that we have seen on a nation-state level,

Mann explained.

In case of a successful hack attack, could a vaccine shipment be redirected and never reach those who it was supposed to reach?

In theory, yes, Susan Garfield reckons. And this is one reason why collaboration between supply chain and cybersecurity teams is the key.

“Often, these two disciplines sit in different parts of the enterprise, but teaming across silos has never been more important. One of our clients, for example, has made clear to all teams that their digital distribution platforms are among their highest-rated and most valued digital assets. Certainly, it would be a leading practice to protect those systems, including active defense, ongoing monitoring, and frequent testing and practicing for a response,” she explained.

Even though it’s hard to predict what will happen in the following weeks or months, hackers will probably attempt to hack into various systems one way or another.

“The question always comes down to motivation – who is motivated to disrupt this distribution, and what is their end game. The facts are that distribution systems can be compromised, and the motivation for doing so needs to be understood in different parts of the world,” Garfield said.

vaccine bottles
The crucial role of cybersecurity in the COVID-19 vaccine distribution. (c) Shutterstock

What to do?

With the understanding of their crucial role in stopping the pandemic, companies that are involved in the distribution of vaccines should have an incident response practice, Mann explained.

“It’s also important to have an offline understanding of who you would need in the case of an emergency, and how to contact those people or organizations, which may include outside counsel, incident response retainers, communications teams, both internal and external and boards of directors and executive leadership. Resilience is of utmost importance, and it needs to be tested, tuned, and practiced”, she said.

Of course, some precautionary measures can be implemented, including threat intelligence services, endpoint protection, establishing and testing critical system redundancies and failovers, and prioritizing systems that are essential to distribution.

“It’s also important to have a comprehensive understanding of what’s needed to restart priority systems in the appropriate order,” Mann told CyberNews.

UPDATED: The same Russian spies who breached the White House and State Dept several years ago and have attempted to steal COVID vaccine research have pulled off another brazen hack, this time compromising the top cyber firm, FireEye. w/@Joseph_Marks_ https://t.co/8vKQTdZgPT

— Ellen Nakashima (@nakashimae) December 9, 2020

Hospitals need support

The line between work and home is fuzzier than ever, with millions of people working remotely. That, as it has been established many times before, amplifies the risk of cyberattacks.

“It’s important to have robust technical policies as it relates to working remotely, including the protection of endpoints and the considerations of using unmanaged devices. The cloud-based threat management tools on the market that can be deployed as a service are an important tool in a larger work from home environment. Organizations should also consider implementing and enforcing multifactor authentication, and also ensure that mobile device management enforces equivalent controls for access to cloud environments,” Mann said. 

Some organizations, such as hospitals and other healthcare institutions that are holding the frontlines these days, face big challenges from the cybersecurity perspective as well. There have been numerous reports about cyberattacks on hospitals, and a ransomware attack claimed its first victim earlier this year.

“There’s no question that hospitals need support. Too often, healthcare systems’ cybersecurity is underfunded, and investing proactively is key. As one example, ransomware is a known threat, and addressing a breach is more costly than the controls needed to reduce the risk. There is also a big question around medical device security, which can impact patient care as well,” Garfield told CyberNews.

What techniques will criminals deploy while attacking companies distributing vaccines are up to our guessing, of course.

“Awareness and training are key – as always. In fact, phishing continues to be the optimal path to infiltration. Equally important are controls and configurations designed to reduce the prevalence of phishing emails, as well as new techniques for behavioral authentication that can reduce account compromises,” Mann said.

Share31TweetShareShare

Related Posts

Teespring data leaked on hacker forum

8+ million Teespring user records leaked on hacker forum

25 January 2021
Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
MyFreeCams data leaked on hacker forum

MyFreeCams hack: 2 million user records stolen from top adult streaming site and sold on hacker forum

21 January 2021
Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Next Post
Close up of Google building

Google secretly gave Facebook perks, data in ad deal, U.S. states allege

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    83034 shares
    Share 83024 Tweet 0
  • The ultimate guide to safe and anonymous online payment methods in 2021

    13 shares
    Share 13 Tweet 0
  • Facebook is tracking you: learn how to delete all Facebook data

    57 shares
    Share 57 Tweet 0
  • ProtonMail review: have we found the most secure email provider in 2021?

    69 shares
    Share 69 Tweet 0
  • Custom mechanical keyboards – 17 coolest ones we’ve ever seen

    442 shares
    Share 441 Tweet 0
Teespring data leaked on hacker forum

8+ million Teespring user records leaked on hacker forum

25 January 2021
Italy consumer association sues Apple for planned iPhone obsolescence

Italy consumer association sues Apple for planned iPhone obsolescence

25 January 2021
Google on laptop and mobile

Google vs Australia: The Battle of the Precedents

25 January 2021
Makers of Sophia the robot plan mass rollout amid pandemic

Makers of Sophia the robot plan mass rollout amid pandemic

25 January 2021
Elon Musk

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

22 January 2021
Is there life on Mars?

Is there life on Mars?

22 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!