Pfizer-BioNTech COVID-19 vaccine
Sergio Perez | Reuters
The Covid-19 vaccine has been a constant target for cyber criminals from creation to deployment. In December 2020, it was reported that hackers had accessed vital vaccine data through the systems of a European regulator. More recently, it has emerged that documents accessed in this breach were tampered with before being posted on the dark web, raising concerns about how they might be used in the future.
These incidents highlight the threat that cyberattacks targeting the Covid-19 vaccine could pose to the public, but the risks don’t stop there. Researchers have already discovered ongoing campaigns aimed at exploiting people seeking access to the vaccine, and even personal information being sold on the internet.
According to the latest data, an estimated 239.4 million cyberattacks targeted VMware Carbon Black healthcare customers in the past year. We also found an average of 816 attempted attacks per endpoint in 2020, an increase of 9,851% from 2019. To minimize disruption by malicious actors to the healthcare industry, and especially to the use of the vaccine, we all need to be aware of the tactics and threats that currently exist and the steps we can take to keep ourselves and others safe from cyberattacks.
Weak links in the vaccine distribution chain
When we look at the cyberthreats the Covid-19 vaccine supply chain is facing, it helps to divide the conversation into two distinct areas: those who make, distribute, and track the vaccine, and those who receive it. The healthcare industry is naturally responsible for introducing the vaccine. Research has consistently shown that healthcare remains one of the industries most targeted by and most vulnerable to cyberattack, because of the sensitivity and value of the data it uses and the difficulty of securing the disparate systems on which it operates. Hackers' increased focus on this sector because of the vaccine has only compounded this problem.
With vaccinations under way around the world, organizations involved in registration and distribution tracking are likely to be a primary target for cyber criminals. Hackers will direct intrusion efforts at these institutions in order to access the valuable personal information they need to collect from customers and constituents. In addition to seeking data to sell on the internet for money, we can also expect breaches to have the more destructive goal (in line with recent trends) of disrupting the vaccine distribution chain and slowing down the availability of the vaccine to those who need it.
For people seeking the vaccine, the cyber threat will take a different form. We have already seen a number of attacks on those waiting in line for the highly anticipated vaccine. These threats have come in the form of watering hole attacks, where unsuspecting victims are directed to phishing websites or portals and asked to enter sensitive information, which then goes straight into the hands of hackers. From there, the hackers put the data up for sale in dark web forums, offering the highest bidder the material for account breaches and identity theft.
An example of one of these watering hole attacks was recently shared on Twitter by a security researcher. The fake website, which is aimed at users in Turkey, instructs users to download an application to apply for a vaccine. In reality, users download a popular banking Trojan called “Cerberus”, which is then used to steal valuable data from a victim’s device.
Cyber Immunity Best Practices
When the threats described above come together, they have very serious and potentially harmful consequences for the efficient and effective adoption of vaccines. In addition to the obvious effects of disruptions in vaccine distribution, a loss of public confidence due to breaches affecting the rollout must be avoided.
Fortunately, there are basic best practices that both individuals and organizations can use to achieve “cyber immunity” which, when widely used, can significantly reduce the risk of vaccine-related cyber attacks.
● Segmentation: Networks should be kept separate if possible. For organizations, traffic between them should be limited by strict rules. At home, individuals should set up multiple networks on their router, assigning one for personal use and the other for work.
● Multi-factor authentication: Organizations and individuals should implement MFA whenever possible, as this second layer of protection is a significant deterrent against hackers looking for simple intrusion.
● Managing vulnerabilities: Most cyber attacks take advantage of unpatched vulnerabilities. Make sure you automate the deployment of critical updates for all operating systems and applications.
● Detection and prevention of behavioral abnormalities at endpoints: Detecting anomalous behavior on networks is too much of a task for humans. State-of-the-art automated endpoint protection (EPP) platforms must be deployed across networks and endpoints to ensure that intruders are detected as they enter a system. Once installed, threat scanning must be done regularly. Threat hunting occurs when security teams are actively looking for behavioral anomalies rather than relying on alerts.
● Act with caution: Social engineering attacks, in which hackers take advantage of current events like the coronavirus and the introduction of vaccines to trick potential victims into sharing confidential information or downloading malware, remain a popular strategy for attackers. This applies to organizations and individuals alike. The best defense against these attacks is to always be careful what you click. If something looks fishy, it probably is. Finally, don’t click hyperlinks. Instead, copy them and paste them into a browser. Check the URL so you know where it will take you before you get there.
Protect yourself, protect others
As with Covid-19 itself, it is not only in your own interest to take the correct precautions, but also in the interests of those around you. Implement these cybersecurity best practices to help mitigate a digital pandemic and ensure the vaccine is delivered to those who need it as quickly and safely as possible.
When it comes to cybersecurity, vigilance is key. Stay vigilant and proactive as your reputation and digital health depend on it.
– By Tom Kellermann, Head of Cybersecurity Strategy, VMware Carbon Black and a member of the CNBC Technology Executive Council