Why hackers attack Covid vaccine data

The headquarters of the European Medicines Agency on December 4, 2020 in Amsterdam, the Netherlands.

-

AFP

• On Wednesday, the European Medicines Agency announced that it had been targeted by a cyberattack.

  Documents related to Pfizer and BioNTech have been hacked.

• In recent months, many hacks and hacking attempts have taken place on establishments linked to the Covid-19 pandemic.

• "It is far from over, the Covid is a very broad geopolitical issue," warns Gérôme Billois, expert in cybersecurity.

Does the European Medicines Agency (EMA) have the means to fight cyber attacks?

The establishment responsible for giving the signal start to vaccination against the coronavirus in Europe has announced that it has been the target of hackers "for the past two weeks", causing concern in the midst of a global pandemic.

20 Minutes

returns to the case.

What happened ?

We still know very little about this investigation.

"The agency quickly opened a full investigation, in close cooperation with the police," the Amsterdam-based AEM said soberly on Wednesday in a statement.

It does not specify when exactly the attack took place, or by whom it was carried out.

The Pfizer group immediately announced that documents related to the authorization request for its vaccine had been hacked during this cyberattack, but that "neither the BioNTech system nor that of Pfizer (had) been violated in connection with this incident ".

The AEM assured this Thursday that the cyberattack would not impact the delivery of vaccines.

She is carrying out an investigation "in conjunction with experts from cybersecurity organizations across the EU, judicial authorities and Dutch police," said agency director general Emer Cook.

What are the hackers' objectives by targeting establishments linked to the Covid?

Logistics companies, laboratories, drug agencies ... Gérôme Billois, cybersecurity expert for the Wavestone firm, has observed an increase in attacks "throughout the Covid chain" in recent months.

Recent example: Microsoft denounced in mid-November attacks on several structures involved in the race against Covid, in Canada, South Korea and France.

According to the specialist, hackers can have two objectives: capturing strategic information, for espionage purposes, such as the vaccine formula for example.

And destabilization, the preferred hypothesis in the case of the AEM: “Today, we know that there is a health issue in the vaccine, but for people to be vaccinated, they must have confidence.

Any operation on the distribution chain can have effects on the confidence of the populations and on the economic recovery, by rebound, ”he explains.

"It is far from over, the Covid is a very broad geopolitical issue", concludes Gérôme Billois.

How do these medical structures protect themselves against these attacks?

Difficult to know precisely how to protect the AEM in particular.

“What is certain is that the world of health, of hospitals, is often under-equipped in terms of security.

These are often public structures, which have financial difficulties and cybersecurity until recent years was not in the investment priorities.

There is a delay to catch up, ”says Gérôme Billois.

“In some departments, medical devices are connected to the office automation system, which is fragile,” says Nacira Salvan, cybersecurity expert and creator of the Cybersecurity Women's Circle.

“During the Covid period, the threat has multiplied.

With teleworking, for example, we are opening several breaches in the information system.

"A solution that should not improve with the proliferation of connected health objects such as insulin pumps or pace-makers.

“Can you imagine the perimeter of attack offered to hackers!

»Warns Nacira Salvan.

How do you investigate a cyberattack to find hackers?

Tracing the origin of a cyberattack is a challenge.

"It's extremely difficult because the Internet makes it easy to hide traces and bounce back and forth between several countries," explains Gérôme Billois.

“To follow cyberattackers, we have to call on the international cooperation of law enforcement agencies, such as Europol or Interpol.

These are very long processes, much longer than the life cycle of an attack, ”he explains.

“The number 1 cyber attack is ransomware and ransomware,” adds Gérôme Billois.

“It is an attack which is very profitable financially, which can go up to more than 500%.

There is a real cybercrime mafia which is rising and which has more and more resources ”, regrets the specialist.

Especially since the penalties are heavy, but still very rare.

Economy

Cybersecurity: "Teleworking will accentuate our digital vulnerabilities", believes the boss of the Bordeaux start-up Tehtris

World

United States: Several hospitals targeted by cyber attacks

• Cybersecurity

• Covid 19

• Coronavirus

• Health

• Cyber ​​attack

• Piracy