• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win
HealthPfizer

How hackers could undermine a successful vaccine rollout

By
David Z. Morris
David Z. Morris
Down Arrow Button Icon
By
David Z. Morris
David Z. Morris
Down Arrow Button Icon
December 18, 2020, 10:34 AM ET
Add Fortune on Google for similar content.

Our mission to make business better is fueled by readers like you. To enjoy unlimited access to our journalism, subscribe today.

Armed U.S. Marshals kept many of Pfizer’s first coronavirus vaccine shipments safe from thieves and saboteurs this week, but experts warn that less visible threats to the vaccine lurk in cyberspace.

“There is no doubt that vaccine production, and everything about the vaccine, will become a vector of cyberattack,” says Jonathan Reiber, who served as the Defense Department’s cyberstrategy chief under President Obama and is now chief strategist at cybersecurity firm AttackIQ.

Those attacks, according to Reiber and other experts, could take at least three forms: attacks on the integrity of the vaccine supply chain; theft of trade secrets related to the vaccine; and online disinformation campaigns aimed at eroding trust in the vaccine.

Here are what those attacks could look like—or already do.

Break the cold chain

Pfizer’s coronavirus vaccine has a unique vulnerability: It must be stored at the extremely cold temperature of –70 degrees Celsius. Other vaccine candidates have less stringent requirements but must still be refrigerated.

The good news is that a cyberattack that interferes with vaccine cold storage is unlikely, according to Vinny Troia, a former Defense Department contractor and founder of cybersecurity firm NightLion. The main challenge of such an attack would be in using compromised digital systems to manipulate physical equipment.

“The time it would take to develop and deploy something like that, by the time that happens we’ll probably be done distributing vaccine,” says Troia. He compares it to the effort behind Stuxnet, a virus believed to have been developed by the U.S. and Israel to physically interfere with targets including Iranian nuclear facilities. Information about Stuxnet is still secret, but development is believed to have taken at least four years, from 2005 to 2009.

But hackers wouldn’t have to shut down freezers to meddle with the vaccine cold chain. They would only have to tamper with data.

Bill Brooks, a logistics expert with the consulting firm Capgemini, worries that hackers could try to modify shipping records to show that the vaccine was exposed to improper temperatures. That could render the vaccine unusable—whether or not it was actually compromised.

Malicious actors “want to create doubt,” says Brooks. “[They] want to create chaos in the marketplace, so people are unsure what they’re receiving.”

There are multiple levels of protection against such an attack. Most modern cold-chain monitoring systems have some redundancy, such as transmitting data from monitoring devices to a central database, or paper backups. All health care logistics must also comply with an FDA standard that guarantees traceability of every attempt to access or modify tracking data. Because of those controls, Reiber describes such a data-focused attack as “plausible” but difficult.

“We constantly see people who are trying to spoof into our system, and we spot it very quickly,” says Mark Sawicki, CEO of health logistics company Cryoport Systems, which provides distribution and cold-storage services for 26 different COVID vaccine candidates still in trial stages. “I’m honestly not that concerned with that.”

In response to inquiries about cybersecurity risk, Pfizer said it carefully tracks and responds to threats. “For our COVID-19 vaccine we have developed detailed logistical plans and tools to support effective vaccine transport, storage, and continuous temperature monitoring.”

Controlant, which provides the monitoring technology for distributing Pfizer’s vaccine, also expressed confidence. “Our established security program meets industry standards and best practices for the pharmaceutical industry.”

But Troia says procedural controls such as the FDA’s requirements aren’t guaranteed protection against determined and well-funded hackers. He points to the recent revelations of a foreign cyberattack that compromised the widely used IT software SolarWinds, giving the attackers deep access to systems, including at the U.S. Treasury. More than 80% of Fortune 500 companies are SolarWinds customers, though it’s currently unclear how many, if any, were compromised in the attack.

An attack on tracking data could be deeply damaging, even if it only succeeded at a very small scale.

“Is it enough to do it once?” asks Reiber, the former Defense Department cyberpolicy chief. “Is that enough to help you achieve your strategic goal of sowing distrust? That could be the case.”

Steal the blueprints

“We’ve seen state actors trying to steal vaccine IP from the very beginning of the pandemic,” says Reiber, using shorthand for intellectual property. That has included alleged attempts by state-sponsored hackers from China, Russia, Iran, and North Korea to steal coronavirus vaccine research or production techniques.

According to Troia, the other former Defense Department official, another common tactic is simply scanning software developers’ accounts on sites like GitHub, where many engineers store or share software code—and sometimes, carelessly, passwords.

Once hackers gain access to a GitHub or similar account, says Troia, they search for both sensitive data and credentials for access to other systems, such as Amazon Web Services cloud storage. “That’s like the Holy Grail right now. When they log into the Amazon bucket, it’s all right there on a silver platter.”

Even if a digital IP heist were successful, though, it wouldn’t be inherently harmful to vaccine distribution. In fact, the ultimate goal of such a hack would be to produce more vaccine at a time when many countries are facing an uphill battle and, in some cases, even calling for the emergency rollback of intellectual property protections for COVID vaccines.

Sow seeds of doubt

Troia believes that the most likely tactic for a hostile agent hoping to disrupt U.S. vaccine distribution would not target the vaccine itself, but public perception.

“It’s more likely if you’re trying to cause disruption, you’re going to choose to do disinformation. It’s easier to inject a narrative into a society, especially if there’s a predisposition to distrust something,” he says.

That predisposition is widespread in America. Currently, about 27% of Americans are hesitant to take the vaccine, according to a Kaiser Family Foundation survey, with more than half of those citing distrust of government as a factor.

In 2016, the cyberwarfare arm of Russia’s GRU intelligence agency exploited Americans’ distrust to spread political disinformation. Russian state actors are now allegedly engaged in a similar effort to further undermine faith in Pfizer’s and other successful vaccines. They have reportedly found receptive audiences among anti-vaccination groups on social media sites.

Disinformation efforts may be particularly harmful to African-Americans, who have been disproportionately harmed by the pandemic. Yet 35% of them are hesitant to take a coronavirus vaccine, the Kaiser survey found, well above Americans as a whole. That elevated distrust is in part the legacy of mistreatment of Black people by American medical institutions.

“If I’m putting on my most nefarious adversary hat, I’m going to look at American society and say, who are the populations suffering most under COVID-19?” says Reiber. “And I’m going to try and make that situation worse.”

Attacks on public confidence in vaccines, whether through data sabotage or online disinformation, have implications beyond the individuals who may decline to take the vaccine. Dr. Anthony Fauci has said 75% to 80% of Americans will need to be vaccinated to end the coronavirus pandemic.

If digital malefactors slow the progress to that threshold, it would be one of the most devastating cyberattacks of all time.

Correction 12.18: This piece previously referred to Vinny Troia as a former Defense Department staffer, rather than a former contractor. We regret the error.

About the Author
By David Z. Morris
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Health

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Health

The 6 Best Exercise Bikes of 2026: Fitness Expert Reviewed
HealthDietary Supplements
The 6 Best Exercise Bikes of 2026: Fitness Expert Reviewed
By Christina SnyderJuly 1, 2026
6 hours ago
kean
PoliticsCongress
Tom Kean discloses depression diagnosis behind 4-month absence from Congress: ‘until you experience it yourself, it is difficult to fully understand’
By Mike Catalini, Joey Cappelletti and The Associated PressJune 30, 2026
1 day ago
‘Cop on your wrist’: Wearables offer tons of data, but people are still going to sleep to Netflix and TikTok
HealthBrainstorm Tech
‘Cop on your wrist’: Wearables offer tons of data, but people are still going to sleep to Netflix and TikTok
By Amanda GerutJune 29, 2026
2 days ago
usa
EnvironmentHeat
Long and dangerous heat wave to roast America from Dallas to New York through July 4th holiday
By Marc Levy and The Associated PressJune 29, 2026
3 days ago
France suffers 1,000 additional deaths in just the past week amid record heat wave—and 85% involved people aged 65 and above
EuropeWeather and forecasting
France suffers 1,000 additional deaths in just the past week amid record heat wave—and 85% involved people aged 65 and above
By Kirsten Grieshaber, John Leicester and The Associated PressJune 28, 2026
4 days ago
Peter Rahal speaks on stage in front of a black and purple background.
RetailFood and drink
David Protein CEO says ‘diet trends are over’ because of GLP-1s: ‘What’s next is really hard to predict’
By Sasha RogelbergJune 28, 2026
4 days ago

Most Popular

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
Big Tech
As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
By Marco Quiroz-GutierrezJuly 1, 2026
20 hours ago
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
Success
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
By Sydney LakeJune 25, 2026
7 days ago
The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win
Newsletters
The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win
By Diane BradyJuly 1, 2026
18 hours ago
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
Success
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
By Preston ForeJune 27, 2026
5 days ago
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
Success
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
By Sydney LakeJune 29, 2026
2 days ago
Current price of oil as of July 1, 2026
Personal Finance
Current price of oil as of July 1, 2026
By Joseph HostetlerJuly 1, 2026
14 hours ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.