Both China and Russia were reportedly behind two cyberattacks last year at the European Medicines Agency that compromised documents related to covid-19 vaccines and treatments.
That’s according to sources familiar with the ongoing investigation who spoke with the Dutch newspaper De Volkskrant per Reuters. In December, the Amsterdam-based European drug regulator released a statement disclosing a breach and launched an investigation with Dutch and European law enforcement officials. The EMA hasn’t yet named any suspected culprits or possible motives.
China-backed hackers attacked in the first half of 2020, while Russia followed later that year, stealing documents regarding covid-19 vaccines and medicines that were later leaked online, De Volkskrant reported on Saturday. Chinese spies reportedly hacked into EMA’s systems by way of a German university, said the outlet’s sources per Reuters. Meanwhile, Russian intruders reportedly had access to EMA’s systems for over a month after exploiting flaws in the agency’s two-step verification login and other cybersecurity safeguards.
They mostly appeared interested in the shipping destinations and purchase sizes for Pfizer and BioNTech’s covid-19 vaccine. (Shortly after the EMA’s disclosure, Pfizer and BioNTech confirmed that documents related to their vaccine had been “unlawfully accessed” in the breach.)
The EMA confirmed that its investigation remains ongoing but declined to comment further, per Reuters.
“A criminal investigation by law enforcement authorities and other entities is ongoing and EMA is of course fully cooperating,” EMA spokesperson Monika Benstetter told the outlet.
Officials in Russia and China have historically denied any kind of state-sponsored collusion with hacking campaigns regardless of evidence. But then, there are plenty of security incidents to point to that make this latest news unsurprising. Even in just the past few months, a massive user data breach at Microsoft was linked to China-backed hackers, and then there’s the sprawling SolarWinds hack, in which Russian spies compromised systems for some 18,000 public and private entities, including several government agencies.
While the motives behind the EMA cyberattacks remain unclear, it’s safe to assume they weren’t up to any good. It’s possible they might have been trying to use this vaccine data to influence or coerce nations desperate for additional vaccine shipments.