This blog was written by an independent guest blogger.
COVID-19 vaccines are starting to roll out after a year of grappling with the pandemic. While this certainly inspires hope for the future, there are still risks on the road ahead. As distribution ramps up, vaccine-related cybersecurity concerns are also rising.
Cybercrime has been a prominent side effect of the pandemic throughout the past year. This wave of cyberattacks shows no signs of slowing as vaccines roll out, with some threat actors targeting distribution. Here are five of the leading cybersecurity concerns surrounding the COVID-19 vaccines.
1. State-sponsored spear-phishing
In early December, the Department of Homeland Security issued a warning about cyberattacks targeting the vaccine supply chain. Threat actors sent a series of spear-phishing emails to organizations involved in COVID vaccine storage and transport. These attacks sought to steal network access credentials and, perhaps more troubling, seemed to be government-sponsored.
Security experts noted that these attacks seemed too sophisticated for a random criminal operation. While it’s uncertain what country could be behind the spear-phishing attempts, it’s a troubling prospect. Malicious nation-states may be aiming to incite civil or economic disruption.
2. Cold chain IoT attacks
Spear-phishing isn’t the only threat that faces the vaccine supply chain. Given the vaccines’ cold storage requirements, some organizations have turned to IoT tracking devices to ensure their safe and timely delivery. These sensors are a potential life-saver for vaccine distribution, but any endpoint represents a potential vulnerability.
Most IoT devices today feature little to no built-in security, leaving them vulnerable to criminals. If someone were to hack into these sensors, it could be disastrous. They could interfere with GPS data, adjust storage temperatures or otherwise jeopardize the vaccines.
3. Vaccine scams
Since the vaccines have such a short shelf life, effective distribution relies on quickly reaching out to patients and scheduling appointments. Many health care organizations have turned to text-based outreach programs to streamline this process. Unfortunately, fraudsters have started mimicking these organizations to take vulnerable users’ money.
Authorities have noticed an uptick in vaccine-related scams as the rollout continues. Many of these specifically target older patients who may be less likely to recognize a hoax.
4. Ransomware attacks
As hospitals and other health care organizations vaccinate more people, they acquire more patient data. This highly sensitive information is a potential goldmine for hackers. Consequently, ransomware attacks targeting these organizations may increase as vaccine distribution continues.
Ransomware is already a growing problem. Bitdefender’s Mid-Year Threat Landscape Report found that these attacks increased by more than 715% year-over-year in 2020. With vaccinations generating more valuable medical data, this trend could continue to rise.
5. Misinformation campaigns
In late January, the European Medicines Agency reported a data breach where hackers manipulated official documents before releasing them. As a result, the threat actors could have spread misinformation and undermined trust in the vaccines. In a time as chaotic as a pandemic, people may be desperate for information and more likely to believe it.
If these campaigns become widespread enough, they could potentially convince millions of people to avoid vaccination. Fewer vaccinations would hinder the chances of developing herd immunity, and global health could suffer as a result.
Strong cybersecurity is a must for vaccine rollout
Governments and health care organizations must keep cybersecurity in mind as they distribute these vaccines. Cyberattacks targeting distribution could go beyond financial damage and jeopardize public health. If vaccine rollout is to be as effective as possible, all involved parties need to establish robust cybersecurity measures.
COVID-19 isn’t the only danger the public faces amid the pandemic. Cybercrime is growing in both frequency and severity and is now targeting the nation’s pandemic response. As a result, the medical industry must improve its cybersecurity to ensure safe vaccine distribution.