Developing a vaccine is a long and difficult procedure, but cyberespionage is quick and cheap. It’s hardly surprising, therefore, that the number of reports of cyberattacks on vaccine developers is going up.
When researchers with vaccine developer AstraZeneca received fake emails with job offers in late November, it quickly became clear that it was a cyberattack.
Hackers had placed malware in the emails, in an attempt to gain access to the research database for COVID-19 vaccine trials.
The news agency Reuters reported that the methods used in the emails pointed to North Korea as the perpetrator.
SARS-CoV-2 vaccines have become the holy grail of the pharmaceutical industry these days — the number of resources invested in their development is unmatched in history. The economies of countries around the world hinge on the availability of a vaccine able to rein in the pandemic, a fact best illustrated by the euphoric reaction from stock markets to the recent news of the BioNTech-Pfizer vaccine breakthrough .
‘High risk of targeted attacks’
Experts have warned that those seeking to make a quick profit from the research work of others won’t hesitate to resort industrial espionage.
Arne Schönbohm, president of Germany’s information security agency BSI, has spoken of threats against Germany’s pharmaceutical companies and vaccine researchers.
“There is a high risk of targeted attacks against our research institutions,” he told DW.
The BSI works on prevention, and it counsels companies and service providers on how to protect themselves against cyberattacks.
There hasn’t been a recent successful attack on a German pharmaceutical company, but the AstraZeneca incident shows the extent of the risk.
On an internal blog in mid-November, a high-ranking Microsoft manager posted reports of cyberattacks on seven vaccine developers in Canada, France, India, South Korea, and the US. Hackers in Russia and North Korea were suspected to be behind the attacks — and they were said to be connected to their respective governments.
In October, the US cybersecurity company Crowdstrike published information on an attack on Japanese laboratories, pointing the finger at China.
And back in July the secret services of the US, Canada and the UK published a joint declaration blaming Russian hackers for attacks on COVID-19 vaccine developers. The UK’s National Cyber Security Centre found that the group had been operating under the label APT 29 (advanced persistent threat), also known as Cozy Bear. The group was “almost certainly” linked to Russian intelligence and intended to steal information and intellectual property.
Britain’s Foreign Secretary Dominic Raab said he was “absolutely confident” in allegations by the UK and its allies that Russia had targeted labs conducting coronavirus research, branding the behavior “outrageous and reprehensible.”
“It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic. While others pursue their selfish interests with reckless behavior, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health,” Raab said at the time.
Russia, meanwhile, has rejected the accusations.
Mikko Hypponen, a Finnish cybersecurity expert, said it’s not surprising that secret services would be behind industrial espionage.
“Their mission is to defend their nation against attacks,” he told DW. “So in that sense, it is not surprising that we are seeing nation-state intelligence agencies trying to gain an edge, which would help them defend their nation against a pandemic.”