Defending the COVID-19 vaccine rollout with best practices from the cybersecurity industry - Help Net Security

Defending the COVID-19 vaccine rollout with best practices from the cybersecurity industry - Help Net Security

Over the past year, pharmaceutical companies and healthcare organizations have rushed to develop a COVID-19 vaccine. It is a testament to the innovations of the medical industry that several companies around the globe have succeeded in creating and rolling out highly effective, life-saving vaccines in such a short period of time. However, the extremely high demand for COVID-19 vaccines makes them a tempting target for criminals seeking to make a quick buck.



All over the world, COVID-19 vaccines have created a complex nexus of converging social, economic, and cultural forces, resulting in the need to address multi-faceted threats. In this two-part series, we’ll examine the different types of security threats facing our global vaccination efforts and what our government and private industries can do to protect them, starting with cybersecurity.


How are cybercriminals threatening vaccine security?


The manufacturing, distribution, and administration of COVID-19 vaccines has a huge attack surface. Every part of the vaccination process is vulnerable to attack — from the supply chains and the manufacturing process to the distribution channels and facilities where people go to get vaccinated.


As a result, the spectrum of cyberthreats is incredibly broad: from simple emails to complicated malware and zero-day exploits, almost everything is on the table during these unprecedented times.


Here are a few of the most common types of cyberattacks we are seeing or expect to encounter in the coming months as people around the world continue to get vaccinated:


Ransomware, that ever-present threat. Cybercriminals will leverage ransomware to target critical components of the supply chain, including factories, suppliers, hospitals and clinics. All of these are attractive targets for criminals looking to money or nation-states looking to cause disruption.
Cyber-enabled extortion and disruption. This category includes iden ..