As people hope that the best way to address the coronavirus pandemic is through vaccination. People are hoping to be vaccinated across many countries in the world. Logistics is one of the major obstacles identified to slow down the vaccination programs.
The vaccine supply chain invites a tempting target to digital criminals who can use ransomware to make a huge amount of money. Shawn Rosemarin, the vice-president of Pure Storage, says that the openness of the internet itself presents vulnerability as a whole. Pure Storage is a software development company from Vancouver, who takes part in the vaccination program, says Stevenson of torontosun.
How Ransomware works
Rosemarin further explained that the cyber criminals do not steal data from the distribution systems. Rather, criminals hack the network and forbid anyone to access unless they pay the required amount set to them. The criminals then, will send a message informing that they have gotten access to the data and have encrypted them. By paying $1M or $10M or whatever amount they ask, they will decrypt the files so that files will become accessible.
Imagine with the ongoing distribution of vaccines to different parts of the country. Data is stored in the internet for distribution guidance so that stations know how many vaccines to deliver and to which location to deliver. Then, suddenly these data become inaccessible due to the ransomware. It will practically halt the distribution and bring the vaccination problem to a standstill.
Canada’s Provincial Health Officer, Bonnie Henry, said that her agency received a security alert warning of attempted cyber attacks regarding the COVID-19 vaccine ongoing shipments. Warnings were then passed on to the National Defense and other concerned agencies.
Henry expressed concern of concerted efforts done to disrupt and sabotage the immunization efforts being done.
David Jensen, the Ontario Health Ministry spokesman, assured their constituents saying that so far they have not yet been victimized by ransomware cyberattack. This is due to the stringent security measures placed. Having robust and high security systems to ensure continuity of the vaccination programs.
Sergeant Lucie Lapointe, an Ontario’s police, said that agency has been alerted of possible scams and frauds in relation to the COVID-19 vaccination program. Lapointe further said that even though there has not been reported incidents yet, they remain vigilant and asked the public to cooperate.
Options in case of Ransomware attack
In the meantime, when ransomware attacks their system, two options were cited by Rosemarin.
1. The easiest would be to pay the hackers so that the operation can resume in the shortest time possible.
2. To restore the systems from the backup. This option, however, takes time to do so. It would take around 10 to 15 days to restore the data. The question then is how much data would have been lost along the way? And How much will it incur for the two weeks delayed?
Having an experts though can counteract the cyberattack. But this kind of expertise is difficult to find. Moreover, Rosemarin added that a lot is yet to be done to ensure that integrity of the vaccination program.