Biden's COVID-19 Plan Calls for Assessment of CyberthreatsNational Intelligence Director to Lead Effort to Protect Vaccines
At the center of the strategy is “a safe, aggressive vaccination campaign” to meet the goal of administrating 100 million vaccine shots in the administration’s first 100 days, Biden said at a Thursday press briefing. “This will be one of the greatest operational challenges our nation has ever undertaken."
Director of National Intelligence’s Role
The document calls for the director of national intelligence to lead the risk assessment.
On Wednesday, the Senate approved Avril Haines as national intelligence director. She's been a vocal proponent of improving U.S. organizations' cybersecurity postures as well as public and private cooperation.
“The U.S. government will take steps to address cyberthreats to the fight against COVID-19, including cyberattacks on COVID-19 research, vaccination efforts, the healthcare systems and the public health infrastructure,” Biden’s coronavirus strategic document states.
The strategy paper also notes that the national intelligence director will assist “in the federal government’s efforts to provide warning of pandemics, protect our biotechnology infrastructure from cyberattacks and intellectual property theft, identify and monitor biological threats from states and non-state actors, provide validation of foreign data and response efforts and assess strategic challenges and opportunities from emerging biotechnologies.”
Responding to the initiative, Greg Garcia, executive director of cybersecurity of the public-private Healthcare and Public Health Sector Coordinating Council, says: “It’s critically important that the [Biden] administration continue the work that’s been done under [the Trump administration’s] Operation Warp Speed to mitigate threats of cyberattacks against the vaccine supply chain and research community. The health sector has been working closely with the Department of Health and Human Services and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency over the past several months in this area.”
Garcia recommends educating all those in the vaccine value chain about the imperative of investing in strong data and network security. He says all participants must “work together to identify those critical linchpin functions and entities - for which there is little or no redundancy – and develop protective and backup strategies in the event of cyber or physical disruption.”
Threat Intelligence Sharing
Errol Weiss, chief security officer at the Health Information Sharing and Analysis Center, points out: "IP theft, disinformation and security threats against the development, manufacture and distribution of biotechnology are not new - although they are certainly more visible with COVID-19.”
As part of the pandemic response, “Health-ISAC has formed dedicated working groups to help improve security of the entire vaccine supply chain,” he adds.
In recent months, some threat actors have targeted COVID-19 vaccine development and distribution.
For instance, in November, Microsoft warned that three state-sponsored advanced persistent threat groups - one Russian, two North Korean - had been targeting companies across the globe involved in COVID-19 vaccine and treatment development.
Then in December, CISA and IBM X-Force alerted organizations involved in COVID-19 vaccine production and distribution of a global phishing campaign targeting the cold storage and transport supply chain (see: Phishing Campaign Targets COVID-19 'Cold Chain').
Also in December, Europol, the European Union's law enforcement agency, warned that organized crime gangs have "reacted swiftly to adapt methods and product offerings to the COVID-19 pandemic." That alert followed a warning from international law enforcement agency Interpol about a potential surge in organized crime activity tied to COVID-19 vaccines.
More recently, the European Medicines Agency, which helps evaluate and authorize medicines and vaccines, including those for COVID-19, revealed that documents on coronavirus vaccines and medications, including some containing personal information, were stolen in a cyberattack last month.
The EMA said last week that some of the COVID-19 vaccine documents that were leaked on the internet have been "manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines."