By this week at the latest, the whole world has known the small company Biontech from Mainz. On Monday, the company published study results on its corona vaccine together with the US pharmaceutical giant Pfizer – and caused a price explosion on the stock exchanges. Because the drug is a breakthrough in the fight against the virus. It protects 90 percent of those vaccinated and thus significantly more than experts had previously hoped. Biontech and Pfizer intend to apply for emergency approval in the USA in November, but it has already been initiated in Europe. The end of the pandemic – it seems within your grasp.
The search for a vaccine is a billion dollar business, but it also attracts criminals. According to NewsABC.net research, hackers attacked Biontech’s servers back in September. Parts of the server are said to have been encrypted by a Ryuk randsomware virus, according to circles entrusted with the case. Initially, Biontech did not want to comment on NewsABC.net’s request. After the publication, Biontech said: “No company’s IT systems were infected by encryption Trojans, such as a Ryuk Randsomeware virus.” A spokeswoman told NewsABC.net: ” As a technology company, we prepare very conscientiously for such incidents and have taken extensive measures. “
Security circles confirm that the attack did not cause any damage. The company’s protective measures were sufficient so that neither documents were leaked nor important data were irrevocably destroyed. According to reports, the Federal Office for Information Security was also involved in the case.
Attack like on University Hospital Düsseldorf
It is unclear who is behind the attack. One possibility: cyber criminals who want to extort money. If a marginal someware was actually used, it would be the same case as the attack on the Düsseldorf University Hospital a few weeks ago. There server data was encrypted with a virus. Subsequently, previously unknown people demanded a ransom in order to make the data freely accessible again. In the end, however, the hackers voluntarily withdrew, releasing the server without paying any money.
The Robert Koch Institute was also attacked in mid-October. A DDoS attack paralyzed the site for two hours by strangers. In doing so, the page is confronted with a large number of views, so that it collapses under the load of the amount of data. Here, too, one suspects criminals.
Another possibility of who is behind the Biontech attack: government-affiliated hackers. In July, the British Center for Cyber Security NCSC (“National Cyber Security Center”) accused hackers of spying on vaccine manufacturers and research institutions around the world on behalf of Moscow.
Specifically, it was about a group that is known by the names “APT29”, “Cozy Bear” and “The Dukes”. According to the British, but also the USA and Canada, the hackers are part of the Russian secret service. However, this cannot be proven, since hackers like to leave a false trace of their origin (“false flag operation”). In the case of Biontech, it is therefore unclear whether the hacker group is also behind this attack.
The German security authorities share concerns about an attack by foreign states. As early as May, the Federal Office for the Protection of the Constitution had warned vaccine manufacturers against cyber attacks by foreign secret services. At that time, for example, the Tübingen vaccine manufacturer Curevac stated that the company was actually taking “a significantly increased interest” from various quarters in its technology.
Like Curevac and now also Biontech, many companies and research institutions that operate with highly sensitive data will be exposed to attacks by hackers – and not just in exceptional cases, but as a normal state.