December 10, 2020

Vaccine documents hacked in European Medicines Agency cyberattack

By Ellen Daniel

The European Medicines Agency (EMA), which is responsible for the evaluation and supervision of medical products including the Covid-19 vaccine, has been hit by a cyberattack.

In a statement, the agency confirmed the attack and said that it had “swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities”. It said it was unable to give further details while the investigation was taking place.

This follows the approval of the Pfizer/BioNtech Covid-19 vaccine in the UK by the Medicines and Healthcare products Regulatory Agency (MHRA). The EMA is involved in the approval of the vaccine for use in the European Union, as well as a vaccine made by Moderna.

BioNtech said that it had been informed by the agency that some Covid-19 vaccine regulatory submission documents that were stored on an EMA server had been “unlawfully accessed”. It is “unaware” that any study participants have been identified.

It also said that the EMA had assured the biotechnology company that the attack would not affect the timeline for the vaccine’s review.

In a statement, the UK’s National Cyber Security Centre said that there was “currently no evidence to suggest that the UK’s medicine regulator has been affected”.

European Medicines Agency cyberattack: Vaccines targeted again

The development of Covid-19 vaccines has attracted the attention of cybercriminals, with pharmaceutical company Dr Reddy’s hit by an attack in October.

In November, Microsoft warned that Russian threat actors Strontium and two actors known as Zinc and Cerium, thought to originate in North Korea, are targeting organisations connected to vaccine development.

Mark Hendry, director of data protection and cybersecurity at DWF, said:

“Despite some ransomware attack groups making public statements regarding a ceasefire against organisations operating in the health sector during the Covid-19 pandemic, these organisations and sectors have continued to experience cyberattacks. Attacks originate from threat actor groups ranging from criminal ransomware operators (whether or not they have declared a ceasefire) to nation-state attackers, each with different capabilities and motives.

“Cyber attackers will often lie in wait for the opportune moment, releasing their attack at the point in time when they perceive cyber defences of their target to be weakened and/or when an attack can cause maximum disruption and impact. In this particular breach example, it comes at a time when the organisation is heavily involved in the vital Europe-wide mission to limit, treat, and vaccinate against Covid-19.”

Mikko Hyppönen, chief research Officer at F-Secure, said:

“Intelligence agencies have a job of defending their nations from outside threats. In that sense it’s not surprising to see intelligence agencies try to steal vaccine research data, if they see Covid-19 as one of those outside threats and if they believe that stealing research data makes it easier to defend their nations.

“Biontech was able to defend their research as long as it was on their own systems. However, there’s nothing they could do to protect their research data when it was going through regulatory processing on governmental systems. Attackers will find the easiest way to gain access to the data they are after.”


Read More: Covid vaccine will “inevitably” be target of cyberattacks “over the next 12 months”.