Hackers Who Attacked The European Medicines Agency (EMA) Last Month Manipulated Some Of The Stolen Data Before Leaking It On Web.

The Hackers Who Attacked The European Medicines Agency (EMA) Last Month Manipulated Some Of The Stolen Data Before Leaking It On The Web. That’s according to the EMA, which says an ongoing investigation into the data breach suggests the attackers have published some of the stolen data online, including confidential internal emails relating to the evaluation and approval processes for coronavirus vaccines.

It has also been noticed that the perpetrators manipulated some of the emails before publishing them on the web, most likely in an effort to undermine trust about the vaccine approval process. The Agency said it was supporting the criminal investigation into the data breach and that the law enforcement authorities are taking appropriate measures to respond to the situation.

“Two EU marketing authorisations for Covid-19 vaccines have been granted at the end of December/beginning of January following an independent scientific assessment,” the EMA said in a statement. Despite the urgency for Covid-19 vaccines in Europe, “there has always been [a] consensus across the EU not to compromise the high-quality standards and to base any recommendation on the strength of the scientific evidence on a vaccine’s safety, quality and efficacy, and nothing else,” it added.

Following the disclosure of the attack in December, German biotech firm BioNTech said that hackers were able to access confidential documents relating to regulatory submission for BioNTech and Pfizer’s Covid-19 vaccine candidate, BNT162b2. The attackers appeared to have compromised the EMA server on which the documents were stored. No BioNTech or Pfizer systems were breached in the incident, the German firm said.

It’s not clear which hacking group attacked the EMA systems or their motive behind manipulating the agency’s internal emails. A previous update from the Agency revealed that the attackers accessed the EMA’s network by breaching an unnamed IT application. Cyber security agencies across the world have warned since April last year that attackers – ranging from state-backed hackers to cyber criminals – have been attempting to target healthcare and medical organisations in search of valuable information about coronavirus vaccines.

Last month, security researchers at IBM said that an advanced group of hackers has been targeting organisations involved in the distribution of Covid-19 vaccines. The researchers warned that this specific cyber-espionage campaign has been running since September 2020, and spans six regions: Italy, Germany, Czech Republic, greater Europe, South Korea and Taiwan. They added that the hackers were specifically trying to understand the infrastructure that governments in Western countries intend to use to distribute vaccines.

Also last month, the USA’s Cybersecurity and Infrastructure Security Agency published an alert advising organisations involved in vaccine storage and transport to be watchful of phishing messages. In July last year, the UK, US and Canada accused accused Russia of attempting to hack the ongoing research on vaccine development and testing.

The National Cyber Security Centre (NCSC) said that Russia-backed advanced persistent threat group APT29 was targeting British labs in efforts to “steal valuable intellectual property” related to a Covid-19 vaccine. The alert warned that hackers were specifically employing ‘password spraying’, tactics in the hope of gaining access to user accounts through commonly used passwords.

This news was originally published at Computing.