EMA warns of spoofed COVID-19 vaccine data hacked and leaked online

The European Medical Agency (EMA) has warned that information on drugs and vaccines linked to COVID-19, which was stolen in a cyberattack last December and leaked online earlier this week, includes correspondence that was manipulated prior to publication “in a way that could undermine confidence in vaccines”.

It is unclear exactly how the information – which includes schematics of drug structures and correspondence relating to COVID-19 vaccine assessment processes – was tampered with.

We contacted the agency with questions.

Security researcher Lukasz Olejnik who has raised concerns over the leak via Twitter, suggested that the falsified data would be “perfect for spreading distrust” because the biotech language involved in the leaked correspondence will not be widely accessible.

Likewise, it also seems possible that the high bar of expertise required to properly analyze the data could limit the damage that manipulated versions can do by limiting their viral appeal.

But it’s worth noting that the EMA has raised concerns about the risk of trusting coronavirus vaccines.

“Two EU marketing authorizations for COVID-19 vaccines were granted in late December / early January following independent scientific assessment,” writes EMA in latest update on the hack .

“Amid the high infection rate in the EU, there is an urgent public health need to make vaccines available to EU citizens as soon as possible. Despite this urgency, there has always been a consensus across the EU so as not to compromise high quality standards and to base any recommendations on the strength of scientific evidence on the safety, quality and efficacy of a vaccine, and nothing else.

The story continues

“The EMA is in constant dialogue with the EC and other regulators in the network and internationally. Authorizations are granted when the evidence convincingly shows that the benefits of vaccination outweigh the risks of the vaccine. Full details scientific assessments are publicly available in the European public assessment reports on the EMA website, ”he adds.

At the time of writing this report, a criminal investigation into the cyberattack is still ongoing.

The attack has not been attributed to any specific hacking group or state actor and there is no confirmation of who is responsible for attempting to stitch up coronavirus-related disinformation by sowing forged medical documents in line.

However, last November, Microsoft warned that Russian and North Korean-backed hackers had targeted pharmaceutical companies involved in COVID-19 vaccine development efforts.

In June, the European Commission also raised concerns about the risks of the coronavirus vaccine misinformation spreading in the coming months – simultaneously verifying the name of China and Russia as foreign entities that ‘she said she confirmed to be behind state-sponsored disinformation campaigns targeting the region. .

Suspicion therefore seems likely to fall on the usual “hostile suspect” states.

We have already seen similar “tricked-out” tactics attributed to Russia – usually linked to attempts to interfere with the elections by smearing candidates for high political office.

The researchers suggested that the hackers responsible for the breaches of the Democratic National Committee’s network in 2015-2016 introduced doctored data into leaked emails – an attack that was later attributed to Russia.

While, more recently, there has been the infamous ‘Hunter Biden’ laptop incident – which supporters of President Trump have sought to exploit against his White House challenger (now president-elect) in the race to last year’s presidential election.

In this case, every punch of disinformation died out amid a series of questionable claims regarding the discovery and timing of the claimed data cache (with much greater general awareness of the risk of false digital defamation tactics. in political campaigns following revelations of the extent of social media influence in Russia disappearing in the 2016 US presidential election).

In a previous incident, from 2017, emails related to French President Emmanuel Macron’s election campaign were also leaked online shortly before the vote – coinciding with a dump of documents on an internet forum suggesting that the presidential favorite had a secret bank account in the Cayman Islands. . An assertion that Macron’s political movement has called false.

In 2019, Reddit was also linked to alleged Russian political influence operation account activity involving the leaking and amplification of sensitive UK-US trade talks on its platform during the campaign. election in the United Kingdom.

It is not known whether this leaked business record was tampered with or not (it has been heavily redacted). And that certainly did not give a landslide election victory for Jeremy Corbyn’s Labor Party – which used the leaked data in his campaign. But a similar, previous operation, also attributed to Russia, had involved the leaking of false documents on several online platforms. (This disinformation operation was identified and removed by Facebook in May 2019.)

The emergence of doctored medical data leaks related to COVID-19 vaccines and treatments looks like a disturbing development of hostile cyber-desops seeking to militarize fake data to generate results unnecessary for others – as there is a direct risk to public health if confidence in immunization programs is undermined.

There have been state-level hacks targeting medical data before, too – but without the pandemic backdrop of an ongoing public health emergency.

In 2016, for example, the World Anti-Doping Agency confirmed that confidential medical data related to the Olympic doping tests of a number of athletes had been leaked by the Russian-linked cyber-hacking group “Fancy Bear.” . In this case, there was no report of the tampered data.