On Wednesday evening, unknown hackers managed to penetrate the system of the European Medicines Agency (EMA). In doing so, they were able to capture individual pieces of information on a Corona vaccine that is currently in the approval process. The authority is currently reviewing the approval of the vaccine developed by the Mainz-based company Biontech and the US pharmaceutical giant Pfizer. EMA has not yet disclosed exactly how many and which data are involved.
Who has an interest in data on the Corona vaccine?
It is also still unclear who is responsible for the attack. Experts suspect that secret services, for example from Russia or China, are behind the attack. However, this has not yet been proven. Nevertheless, there are indications that this was a state-initiated attack; The initial approval of an effective and low-risk Corona vaccine is more than just a prestige project for a nation; it is of great economic value. For one thing, patent sales have a direct impact on the national economy. For another, an effective vaccine can ease lockdown regulations, which additionally allows the national economy to recover more quickly.
Biontech and Pfizer emphasize that no data were stolen that would allow conclusions to be drawn about individual test subjects. EMA also announces that the incident has no impact on the further approval process.
Can such attacks be prevented in the future?
Nevertheless, the cyberattack shows how important increased IT security standards are for all organizations in a chain: Biontech and Pfizer’s IT systems are very well secured, experts say. The company emphasizes that it could not notice any activity on their systems. This shows that the hackers did not focus on the well-secured private sector systems. But on the less well-secured ones of the EU authority.
Data protection experts have previously complained, particularly for the healthcare sector, that important data is often only secure in the government’s own system. It is not advisable to assume that upstream and downstream systems meet the same security requirements. This has been proven once again by the current incident. The introduction of a uniformly high-security standard in public institutions as well would therefore be beneficial.
You can read more about data protection problems in IT in the German healthcare sector here.
In this blog article, we have summarized why the healthcare sector is coming under the scrutiny of hackers, especially in times of a pandemic.