COVID-19 named by WHO for Novel coronavirus NCP concept. Doctor or lab technician holding blood sample with novel (new) coronavirus N.C.P. in Wuhan, Hubei Province, China, medical and healthcare
Getty Images/iStockphotoThe European Medicines Agency (EMA), the EU regulatory body in charge of approving COVID-19 vaccines, said today it was the victim of a cyber-attack.
In a short two-paragraph statement posted on its website today, the agency discloses the security breach but said it couldn’t disclose any details about the intrusion due to an ongoing investigation.
The agency is currently in the process of reviewing applications for two COVID-19 vaccines, one from Spanish pharma giant Moderna, and a second developed in a collaboration between BioNTech and Pfizer.
An EMA spokesperson did not return a request for comment seeking info if the attack targeted its vaccine approval process or if it was a financially-motivated attack like ransomware.
Nonetheless, news of the attack is highly likely to trigger speculation among cyber-security experts as to the true motives behind the attack.
Over the past months, numerous companies working on COVID-19 research and vaccines have been the targets of hackers, and especially of state-sponsored hacking groups.
Companies like Johnson & Johnson, Novavax, Genexine, Shin Poong Pharmaceutical, Celltrion, AstraZeneca, Moderna, and Gilead have been targeted by hackers, according to reports from Reuters and the Wall Street Journal.
In November, OS maker and cyber-security giant Microsoft said it detected three nation-state hacking groups (known as APTs) targeting seven companies working on COVID-19 vaccines, singling out Russia’s Strontium (Fancy Bear) and North Korea’s Zinc (Lazarus Group) and Cerium for the attacks.
Speaking at the Aspen Cyber Summit last week, Marene Allison, the Chief Information Security Officer at Johnson & Johnson, said companies like her employer are seeing cyber-attacks from nation-state threat actors “every single minute of every single day.”
IBM also reported last week that hackers were looking to compromise companies working in the “cold chain” of COVID-19 vaccines.
EMA said it would provide further information on the hack once they learn more.
