Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

EU Regulator: Hackers ‘Manipulated’ Stolen Vaccine Documents

The European Union’s drug regulator said Friday that COVID-19 vaccine documents stolen from its servers by hackers have been not only leaked to the web, but “manipulated.”

The European Union’s drug regulator said Friday that COVID-19 vaccine documents stolen from its servers by hackers have been not only leaked to the web, but “manipulated.”

The European Medicines Agency said that an ongoing investigation showed that hackers obtained emails and documents from November related to the evaluation of experimental coronavirus vaccines. The agency, which regulates drugs and medicines across the 27-member EU, had troves of confidential COVID-19 data as part of its vaccine approval process.

“Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines,” the Netherlands-based agency said.

“We have seen that some of the correspondence has been published not in its integrity and original form and, or with, comments or additions by the perpetrators.”

The agency did not explain exactly what information was altered — but cybersecurity experts say such practices are typical of disinformation campaigns launched by governments.

Italian cybersecurity firm Yarix said it found the 33-megabyte leak on a well-known underground forum with the title “Astonishing fraud! Evil Pfffizer! Fake vaccines!” It was apparently first posted on Dec. 30 and later appeared on other sites, including on the dark web, the company said on its website.

Yarix said “the intention behind the leak by cybercriminals is certain: to cause significant damage to the reputation and credibility of EMA and Pfizer.”

Cybersecurity consultant Lukasz Olejnik said he believed the intention was far more broad.

“I fear this release has a significant potential of sowing distrust in the EMA process, the vaccines, and vaccination in Europe in general,” he said. “While it is unclear as to who may be behind this operation, it is evident that someone determined allocated resources to it.”

“This is an unprecedented operation targeting the validation of pharmaceutical material, with potentially broad negative effects on the health of Europeans if it leads to undermining trust in the vaccine,” Olejnik added.

The EMA said law enforcement authorities are taking “necessary action” in response to the hack and a criminal investigation is ongoing.

It said that given the devastating toll of the pandemic, there was an “urgent public health need to make vaccines available to EU citizens as soon as possible.” The EMA insisted that despite that urgency, its decisions to recommend the green-lighting of vaccines were based “on the strength of the scientific evidence on a vaccine’s safety, quality and efficacy, and nothing else.”

The EMA, which is based in Amsterdam, came under heavy criticism from Germany and other EU member countries in December for not approving vaccines against the virus more quickly. The agency issued its first recommendation for the Pfizer and BioNTech vaccine weeks after the shot received approval in Britain, the United States, Canada and elsewhere.

The EMA recommended a second vaccine, made by Moderna, for use earlier this month. A third shot made by AstraZeneca and Oxford is currently under consideration by the agency.

Related: Hackers Publish COVID-19 Vaccine Data Stolen From EU Medicines Agency

Related: EU Agency Assessing Covid-19 Vaccines Hit by Cyberattack

Related: Vaccine Documents Hacked as West Grapples With Virus Surge

 

Related: North Korean Hackers Target COVID-19 Research

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.