The cyberattack targeting the European Medicines Agency earlier this week confirmed what many had previously suggested: that healthcare institutions involved in vaccine research and distribution will be consistently targeted in the coming months by malicious actors.
In this instance, data on the vaccine was stolen. Moving forward, the next attack might offset distribution or delay production, potentially putting lives on the line.
At the start of lockdown, cybercriminal groups vowed to not attack healthcare and research organisations, yet not all have kept their word. Just last week the world watched in horror as the vaccine “cold chain” was attacked by cybercriminals. Now, we see hostile actors attempting to steal critical data during its review process at the European Medical Agency.
Whoever is behind the repeated attacks against the vaccine research and distribution is investing considerable resources and ingenuity in stealing this data. It’s easy to blame the victim in cases like these, but organisations would do well to remember that cybercriminals have much to win and spare no effort in gaining access to valuable data. The groups — whether independent or backed by nation-states that target this type of intellectual property — are motivated by geopolitical control as well as monetary gain. The player in possession of what is today the most valuable data in the world will obtain incredible leverage on the world stage.