In early December 2020, the European Medicines Agency, EMA, announced that it had fallen victim to a cyber-attack.

 

The EMA is the European agency responsible for examining, supervising, and approving medicines across the EU. Meanwhile, the organization is also responsible for issuing permits for the use of COVID-19 vaccines.

In the cyber-attack, information about the vaccines of Pfizer and Moderna was stolen. A joint declaration of the two companies stated that a limited number of documents had been stolen from the European agency servers, relating to the approval process of the companies’ vaccines.

 

Both companies and the agency announced that the EMA continues to operate as usual, and no actual damage has been caused.

In recent months, cyber-attacks against health care organizations, research institutions, and hospitals have increased significantly. These attacks are intended to obtain information on vaccines and medicines against the COVID-19 and other trials and patients’ information.

 

In most of the attacks, the attackers were not identified, but in some of the attacks, attackers from China, Russia, Iran, and North Korea were identified.

Together with the European Medicines Agency, the companies continued their normal activities after the cyber-attack, and with the understanding that the attack has no real meaning.

The two companies are competing against each other in the European and British market segments after the EMA approved the vaccines’ use.

But despite the euphoria and the rapid return to the work routine, a different reality was discovered soon after.

In early January 2021, Pfizer leaked information from the EMA to Darknet. This information includes Pfizer documents and EMA documents, including information from the classified enterprise portal and e-mail correspondence, including from the EMA’s CEO.

The documents presented in the Darknet include EMA reports indicating that Pfizer’s vaccine is ineffective, and the testing processes performed to confirm it are abnormal.

But a spokesman for the EMA, based in Amsterdam, presented evidence that the reports presented by the cyber-attackers were fake reports, which were forged by them.

Simultaneously with the publication of the allegedly forged documents, the phenomenon of publications in Darknet for the sale of “pirated” COVID-19 vaccines made by Pfizer increased. “Pirate” vaccines can be purchased for 0.06 Bitcoin (about $ 1300). These vaccines are fake.

The anonymous attackers’ goal is unknown, but it can be estimated that the attackers may have several purposes. The first is to gather information about the vaccines to sell them to countries (especially third world countries).

The second possible reason is that the allegedly forged documents’ publication is intended to confront Pfizer in the competitive market (if the documents were published by representatives of a competing company).

Another reason could be creating a campaign against COVID-19 vaccines (several anarchist groups are trying to prevent COVID-19 vaccines from being given).

In any case, the cyber-attack on the European Medicines Agency illustrates how a cyber-attack interpreted by its victims as an insignificant attack, designed to gather information, becomes an overnight tool in the hands of the attackers, producing a global impact and disinformation.

-The writer is a former commander served in the Israeli navy for 23 years. A PhD in Defense and Security Studies, he was a senior consultant at the Israeli National Cyber Directorate. He is a recipient of various Israeli awards including Prime Minister’s Decoration of Excellence. The views expressed are personal and do not necessarily reflect the views of Raksha Anirveda