As the world races towards developing and deploying a vaccine to combat the Covid-19 pandemic, there has been a constant worry of a cyberattack against the researches and developers due to the secret nature in which these vaccines are being created. Creating, testing, and mass-producing the first effective vaccine would be a huge feather in the cap of the country which is successful, and both Russia and China have begun to roll-out vaccines to individuals in small doses following Phase 3 trials.
Between the two, Russia appears to have moved to a limited use of its vaccine, Sputnik V, first. This vaccine is produced by Dr. Reddy’s Laboratories, an Indian Company with factories all over the world, which was hit by a cyberattack over the weekend which forced it to isolate all data centers and cease operations. While the CIO for the company gave a statement stating that they expect to be operational again within 24 hours, the current cause of the attack and the damage it may have caused is unknown.
Attacks against producers and researchers of Covid-19 vaccines has been constant, and governmental agencies have warned off both state sponsored ATP groups (such as Lazy Bear or Lazarus) and criminal groups (such as DarkHotel) are involved. Ransomware attacks can be expensive, but if the data to be ransomed was Covid-19 research data, there’s no telling the price that would be paid to get it back. Beyond the potential for a lucrative payday (and possible being the target of a truly massive manhunt), state actors have an additional interest in gaining access to data about human trials, researcher notes, and production details to further the creation of their country’s vaccine.
