On July 30, 2021, Blue Glacier published a thought-provoking “red team” memorandum on potential incidents at the intersection of cybercrime, anti-vaccination militancy, and pandemic fatigue. This “out-of-the-box” analytic approach offers a thought-provoking viewpoint during the recent uptick in COVID-19 cases, and the pushback against vaccinations and renewed mask requirements.
The 7-page report is modeled after the Central Intelligence Agency’s Red Cell memorandums. This Blue Glacier effort follows the red team scenario at the end of the company’s report on the December 2020 Nashville bombing.
Vaccination Disruptions Could Delay Herd Immunity
In addition to vaccine hesitancy and lack of access to vaccines, disruptions in vaccine production, distribution, and administration could disrupt the vaccination program. Our red team memorandum focuses primarily on the potential for cyberattacks to cause this disruption.
Precedence for Cyber Attacks Against COVID-19 Vaccine Infrastructure
There is already precedence for cyberattacks on COVID-19 infrastructure. The Russian cyber espionage group APT29 attempted to steal vaccine research from Canadian, British, and American companies. Our red team analysis also notes that anti-vaccination cybercriminals could adopt a structure similar to the Anonymous hacktivist collective—a loose affiliation of hackers in various countries.
Potential Structure of Anti-Vaccination Hacking Teams
We also highlight potential cooperation between the anti-vaccination movement and the far-right. “QAnon has been quick to accept members of the anti-vax movement into its ranks as ‘COVID-19 anti-vax narratives fit squarely into the QAnon playbook by playing on the distrust of authority.’”
Risks to Vaccine Factories and Shippers
Their cyber targets could include vaccine production, distribution, and administration. Production targets include the three main factories that produce the vaccines. Specifically, the disruption of vaccine refrigeration could be the desired “damage mechanism”, via cyberattacks on the facilities’ power supply or temperature controls (if the latter are networked).
Cyber criminals could also target carriers, such as UPS and FedEx, that distribute the vaccines. As our memo mentions, there is precedence for cyberattacks on a carrier’s (and a commercial airline’s) operations and communications systems.
Risks to Vaccine Administration
The final stage of vaccine rollout—administering the vaccines—could also face attacks by cybercriminals motivated by the anti-vaccination movement, pandemic conspiracy theories, or pandemic fatigue. Cyber criminals could target any of the numerous federal and state databases and information systems used to order and track vaccines.
The insurrectionists who on January 6, 2021 stormed the U.S. Capitol coordinated and planned their activities largely on social media. Anti-vaccination militants could use the same platforms to coordinate harassment and attacks on public health officials, especially those involved in door-to-door information campaigns about the COVID-19 vaccines.