European Medicines Agency data breach

Last updated

In December 2020 the European Medicines Agency announced that it had been targeted in a cyberattack. [1] [2] The agency announced that it had opened a full investigation in close cooperation with law enforcement and other entities but declined to give details of the attack while the investigation was ongoing. [1] [2]

In a separate announcement BioNTech said that files relating to the COVID-19 vaccine it had developed with Pfizer had been unlawfully accessed after a cyberattack on the EMA. [2] BioNTech also said that "No BioNTech or Pfizer systems have been breached in connection with this incident and we are unaware of any personal data of study participants being accessed." [2]

Neither the dates nor the methods of the cyberattack were revealed, nor who the perpetrators were. [2]

The National Cyber Security Centre in the United Kingdom announced that it was studying the situation and how it would affect the UK. [2] The UK is the first country where the BioNTech/Pfizer vaccine was deployed. [2]

Russia and China accused

In March 2021 the Dutch newspaper De Volkskrant published an article saying "sources close to the investigation" has disclosed that a Russian intelligence agency and Chinese spies were behind the attacks. [3]

Related Research Articles

Pfizer American multinational pharmaceutical corporation

Pfizer Inc. is an American multinational pharmaceutical and biotechnology corporation headquartered on 42nd Street in Manhattan, New York City. The company was established in 1849 in New York by two German immigrants, Charles Pfizer (1824–1906) and his cousin Charles F. Erhart (1821–1891).

Medicines and Healthcare products Regulatory Agency Medicine regulation agency in the UK

The Medicines and Healthcare products Regulatory Agency (MHRA) is an executive agency of the Department of Health and Social Care in the United Kingdom which is responsible for ensuring that medicines and medical devices work and are acceptably safe.

Cyberwarfare Use of digital attacks against a nation

Cyberwarfare is the use of digital attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting the vital computer systems. There is significant debate among experts regarding the definition of cyberwarfare, and even if such a thing exists. One view is that the term "cyberwarfare" is a misnomer, since no offensive cyber actions to date could be described as war. An alternative view is that "cyberwarfare" is a suitable label for cyber attacks which cause physical damage to people and objects in the real world.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

Cyberwarfare by China is the aggregate of all combative activities in the cyberspace which are taken by the Chinese military against other countries.

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, society, or organizations, and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon.

Cozy Bear, classified by the United States federal government as advanced persistent threat APT29, is a Russian hacker group believed to be associated with one or more intelligence agencies of Russia. The Dutch General Intelligence and Security Service (AIVD) deduced from security camera footage that it is led by the Russian Foreign Intelligence Service (SVR); this view is shared by the United States. Cybersecurity firm CrowdStrike also previously suggested that it may be associated with either the Russian Federal Security Service (FSB) or SVR. The group has been given various nicknames by other cybersecurity firms, including CozyCar, CozyDuke, Dark Halo, The Dukes, NOBELIUM, Office Monkeys, StellarParticle, UNC2452, and YTTRIUM.

Lazarus Group is a cybercrime group made up of an unknown number of individuals run by the North Korean state. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them between 2010 and 2021. Originally a criminal group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include HIDDEN COBRA and Zinc.

The 2017 Westminster data breach occurred on 23 June 2017, when an unauthorised attempt was made to gain access to email accounts belonging to a number of politicians at the United Kingdom's Houses of Parliament. Whitehall officials have claimed that Iran was behind the attack.

COVID-19 vaccine Vaccine designed to provide acquired immunity against SARS-CoV-2

A COVID‑19 vaccine is a vaccine intended to provide acquired immunity against severe acute respiratory syndrome coronavirus 2 (SARS‑CoV‑2), the virus that causes coronavirus disease 2019 (COVID‑19).

Moderna COVID-19 vaccine RNA COVID-19 vaccine

The Moderna COVID‑19 vaccine, sold under the brand name Spikevax, is a COVID-19 vaccine developed by American company Moderna, the United States National Institute of Allergy and Infectious Diseases (NIAID), and the Biomedical Advanced Research and Development Authority (BARDA). It is authorized for use in people aged twelve years and older in some jurisdictions and for people eighteen years and older in other jurisdictions to provide protection against COVID-19 which is caused by infection by the SARS-CoV-2 virus. It is designed to be administered as two or three 0.5 mL doses given by intramuscular injection at an interval of at least 28 days apart.

BioNTech German biotechnology company

BioNTech SE is a German biotechnology company based in Mainz that develops and manufactures active immunotherapies for patient-specific approaches to the treatment of diseases. It develops pharmaceutical candidates based on messenger ribonucleic acid (mRNA) for use as individualized cancer immunotherapies, as vaccines against infectious diseases and as protein replacement therapies for rare diseases, and also engineered cell therapy, novel antibodies and small molecule immunomodulators as treatment options for cancer.

COVAX Initiative to provide COVID-19 vaccines

COVID-19 Vaccines Global Access, abbreviated as COVAX, is a worldwide initiative aimed at equitable access to COVID-19 vaccines directed by the GAVI vaccine alliance, the Coalition for Epidemic Preparedness Innovations (CEPI), and the World Health Organization (WHO), alongside key delivery partner UNICEF. It is one of the three pillars of the Access to COVID-19 Tools Accelerator, an initiative begun in April 2020 by the WHO, the European Commission, and the government of France as a response to the COVID-19 pandemic. COVAX coordinates international resources to enable low-to-middle-income countries equitable access to COVID-19 tests, therapies, and vaccines. UNICEF is the key delivery partner, leveraging its experience as the largest single vaccine buyer in the world and working on the procurement of COVID-19 vaccine doses, as well logistics, country readiness and in-country delivery.

Pfizer–BioNTech COVID-19 vaccine mRNA-based COVID-19 vaccine

The Pfizer–BioNTech COVID-19 vaccine, sold under the brand name Comirnaty, is an mRNA-based COVID-19 vaccine developed by the German biotechnology company BioNTech and for its development collaborated with American company Pfizer, for support with clinical trials, logistics, and manufacturing. It is authorized for use in people aged five years and older in some jurisdictions, twelve years and older in some jurisdictions, and for people sixteen years and older in other jurisdictions, to provide protection against COVID-19, caused by infection with the SARS-CoV-2 virus. The vaccine is given by intramuscular injection. It is composed of nucleoside-modified mRNA (modRNA) encoding a mutated form of the full-length spike protein of SARS-CoV-2, which is encapsulated in lipid nanoparticles. Initial advice indicated that vaccination required two doses given 21 days apart, but the interval was later extended to up to 42 days in the US, and up to four months in Canada.

June Raine Chief executive of the MHRA

Dame June Munro Raine, is a British pharmacologist who is currently serving as the Chief Executive of the Medicines and Healthcare products Regulatory Agency (MHRA) in the United Kingdom. Raine spent much of her career in the Medicines Division of the MHRA. She came to wider public prominence in December 2020, when the MHRA was the first regulator to approve an mRNA vaccine for use in humans, and the first Western regulator to approve a COVID-19 vaccine, namely Pfizer and BioNTech's, BNT162b2.

2020 United States federal government data breach US federal government data breach

In 2020, a major cyberattack suspected to have been committed by a group backed by the Russian government penetrated thousands of organizations globally including multiple parts of the United States federal government, leading to a series of data breaches. The cyberattack and data breach were reported to be among the worst cyber-espionage incidents ever suffered by the U.S., due to the sensitivity and high profile of the targets and the long duration in which the hackers had access. Within days of its discovery, at least 200 organizations around the world had been reported to be affected by the attack, and some of these may also have suffered data breaches. Affected organizations worldwide included NATO, the U.K. government, the European Parliament, Microsoft and others.

COVID-19 vaccination in Italy Immunization plan against COVID-19 in Italy

The COVID-19 vaccination campaign in Italy is a mass immunization campaign that was put in place by the Italian government in order to respond to the ongoing COVID-19 pandemic. It started on 27 December 2020, together with most countries in the European Union.

History of COVID-19 vaccine development Scientific work to develop a vaccine for COVID-19

SARS-CoV-2, the virus that causes COVID-19, was isolated in late 2019. Its genetic sequence was published on 11 January 2020, triggering the urgent international response to prepare for an outbreak and hasten development of a preventive COVID-19 vaccine. Since 2020, vaccine development has been expedited via unprecedented collaboration in the multinational pharmaceutical industry and between governments. By June 2020, tens of billions of dollars were invested by corporations, governments, international health organizations, and university research groups to develop dozens of vaccine candidates and prepare for global vaccination programs to immunize against COVID‑19 infection. According to the Coalition for Epidemic Preparedness Innovations (CEPI), the geographic distribution of COVID‑19 vaccine development shows North American entities to have about 40% of the activity, compared to 30% in Asia and Australia, 26% in Europe, and a few projects in South America and Africa.

European Commission–AstraZeneca COVID-19 vaccine dispute Dispute between the European Union and AstraZeneca

A dispute broke out in January 2021 between the European Commission and the pharmaceutical company AstraZeneca AB about the provision of COVID-19 vaccines during the COVID-19 pandemic, and, in February, spilled out into a dispute over Article 16 of the Northern Ireland Protocol. Vaccination proceeded apace in the UK but more slowly in the EU, and by the end of March 2021, over 30% of the UK population had received at least one dose of vaccine compared to about 8% of the EU population. This was partly due to limited availability of the AstraZeneca vaccine in the EU. The World Health Organization and the European Medicines Agency continued to state that the vaccine was safe and effective. However, a representative of the European Medicines Agency said in June that vaccines based on the mRNA technology should be preferred if available for all age groups, including for the over 60s.

References

  1. 1 2 "European Medicines Agency says it has been targeted in cyber attack". TheJournal.ie . Press Association. 9 December 2020. Retrieved 10 December 2020.
  2. 1 2 3 4 5 6 7 Sabbagh, Dan (9 December 2020). "Hackers accessed vaccine documents in cyber-attack on EMA". The Guardian . Retrieved 10 December 2020.
  3. "Russian and Chinese hackers gained access to EMA". 6 March 2021.