Hackers, Viruses, and Spies, Oh My: The Race to Deliver the First Covid-19 Vaccine Fuels Cyber Espionage


By: Isis Miranda

Cyber spies have targeted pharmaceutical companies and universities working to develop a Covid-19 vaccine in attempts to steal trade secret information. These sophisticated hacking groups have recently added new targets – organizations expected to distribute the vaccines, – prompting CISA (the Cybersecurity & Infrastructure Security Agency) to issue a cyber alert on December 3, 2020.

Cyber espionage, in this case believed to be funded by governments, such as Russia, China, North Korea, and others, in an attempt to gain a competitive edge in the race to be the first country to deliver a vaccine, differs significantly from ransomware attacks. Such attacks are frequently launched by mercenary-minded hackers with little interest in the information they encrypt, aside from the ability to extract a ransom payment in exchange for decryption keys. The presence of ransomware in the victim’s network is unmistakable since affected files are rendered inaccessible. Cyber spies, in contrast, operate in stealth mode, seeking to avoid detection and harvest ever greater amounts of valuable information. For example, the U.S. departments of Treasury, Commerce, and Homeland Security recently detected breaches of their systems, believed to be perpetrated by Russian hackers working for the Kremlin, that may have lasted for months before they were discovered.

Silent hacks pose unique threats not only because they may go undetected; the stolen information may be valuable for a wide variety of nefarious purposes. Beyond simply allowing a business to gain an unfair advantage in the marketplace, the secret knowledge could allow bad actors, governments and criminals alike, to more precisely target their perceived enemies and undermine global stability.

The attempts to breach the Covid-19 vaccine cold chain, the network of organizations poised to distribute the vaccines while maintaining subzero temperatures, may be a case in point. Knowing how and where the vaccines are being distributed may be valuable to a government attempting to create its own distribution network, but such information might also be used to disrupt the delivery process.

Preventing and treating viruses – both human and computer – will no doubt continue to be important for the foreseeable future. Given the complexity of developing, manufacturing, and distributing on a massive scale the Covid-19 vaccines, some of which must be stored at negative 94 degrees Fahrenheit, the various shelter-in-place orders may be in effect well into 2021. Fortunately, there’s no place like home.

If you have questions or would like more information, please contact Isis Miranda at

Additional Information:

FMG has formed a Coronavirus Task Force to provide up-to-the-minute information, strategic advice, and practical solutions for our clients.  Our group is an interdisciplinary team of attorneys who can address the multitude of legal issues arising out of the coronavirus pandemic, including issues related to Healthcare, Product Liability, Tort Liability, Data Privacy, and Cyber and Local Governments.  For more information about the Task Force, click here.

You can also contact your FMG relationship partner or email the team with any questions at

**DISCLAIMER:  The attorneys at Freeman Mathis & Gary, LLP (“FMG”) have been working hard to produce educational content to address issues arising from the concern over COVID-19.  The webinars and our written material have produced many questions. Some we have been able to answer, but many we cannot without a specific legal engagement.  We can only give legal advice to clients.  Please be aware that your attendance at one of our webinars or receipt of our written material does not establish an attorney-client relationship between you and FMG.  An attorney-client relationship will not exist unless and until an FMG partner expressly and explicitly states IN WRITING that FMG will undertake an attorney-client relationship with you, after ascertaining that the firm does not have any legal conflicts of interest.  As a result, you should not transmit any personal or confidential information to FMG unless we have entered into a formal written agreement with you.  We will continue to produce education content for the public, but we must point out that none of our webinars, articles, blog posts, or other similar material constitutes legal advice, does not create an attorney client relationship and you cannot rely on it as such.  We hope you will continue to take advantage of the conferences and materials that may pertain to your work or interests.**