Stolen Secrets

Every family has that safely guarded recipe. The family secret of the special ingredient or process that makes their mom or gramma’s signature dish extra magical. It is guarded through generations, shared only in the kitchen or on a tattered recipe card. Imagine if a hacker stole that recipe and sold it to a big food manufacturer and made millions of dollars from it. You’d be heartbroken. Devastated. And what if they don’t do it correctly or make changes that make it “not as delicious”? All outcomes that no one would want.

Now imagine if this were a stolen vaccine that you’d worked tirelessly on, and instead of taste sensations being altered, lives were changed – for better or for worse, and it was out of your control? While your hard work would hopefully serve the greater good, assuming they did it correctly, other people would benefit financially from your work, or worse they might alter what you’ve done, and you wouldn’t be aware.

This happened recently when BioNTech announced that last week documents that were related to the COVID-19 vaccine that they had developed with Pfizer were “unlawfully accessed”. The German biotech’s documents were accessed illegally as part of a cyber-attack that is related to the Europeans Medicines Agency (EMA) announcement that they had been targeted.

The Price Tag

The value of this information is priceless to other countries and companies that are in the race for a vaccine to be created and distributed. While the problem is of course a criminal one, it is more than stealing data and ‘who gets it first’ but a matter as mentioned above of ensuring that the information is accurately relayed as well. Hypothetically, there are multiple scenarios that could play out including all data not being considered or input to the stolen vaccine. While we don’t know the details and assume this will all be addressed in an investigation, it brings to light the point that hacking doesn’t always mean stolen login credentials and credit card numbers. Our lives are affected by cybercrime in more ways than we often consider.

Smart practices in our daily lives, including protecting our own identity are critical, but when it comes to how we are in our professional lives, the impact is even greater if we are a gateway to data that affects larger groups – and in this case, it might be an entire country or more.

We need to all work together and stay diligent in our efforts to remain educated and informed on what we know and what we do to fight cybercrime. If you are an IT specialist, make sure that your clients are part of an ongoing training program. If you are an employee, make sure that your team and employer have a program that keeps cybersecurity at the top of the list of their priorities and are working to keep you, the business, and the community at large, safe from hackers.