Cybersecurity

Biden’s COVID-19 strategy includes intel review of cyber risks to vaccine rollout

President Biden is tapping his new head of national intelligence to assess cyber and foreign interference risks to the vaccine process as part of the administration’s plan to tackle the coronavirus pandemic.

The national strategy, which Biden unveiled Thursday during a news conference at the White House, says “the U.S. Government will counter any threat to the vaccination program,” with the plan zeroing in on cybersecurity concerns.

“The Director of National Intelligence will lead an assessment of ongoing cyber threats and foreign interference campaigns targeting COVID-19 vaccines and related public health efforts,” the White House said in its strategy document.

“The U.S. Government will take steps to address cyber threats to the fight against COVID-19, including cyber attacks on COVID-19 research, vaccination efforts, the health care systems and the public health infrastructure,” it says.

The inclusion of an intelligence assessment by Director of National Intelligence Avril Haines comes as hackers have stepped up efforts to disrupt the vaccine supply chain in recent months, and after COVID-19 researchers and health care groups have been increasingly targeted in cyberspace since the pandemic began.

The Office of the Director of National Intelligence did not respond to The Hill’s request for comment on the upcoming assessment.

The Wall Street Journal reported last month that North Korean hackers had attempted to hack into at least six pharmaceutical groups in the U.S. and the United Kingdom involved in developing the COVID-19 vaccine, including Johnson & Johnson and Novavax.

IBM later released a report warning that a “global phishing campaign” was targeting the cold storage portion of the COVID-19 vaccine supply chain, with the Cybersecurity and Infrastructure Security Agency putting out a joint alert urging groups involved in vaccine transport and storage to be on guard against cyberattacks.

Various senior federal officials have also stated publicly that foreign hackers were targeting the supply chain, with William Evanina, the director of the National Counterintelligence and Security Center, saying earlier this month that he was concerned about efforts by China and Russia to target the vaccine effort.

The assessment of cyber risks to the COVID-19 vaccine rollout will not be the only assessment Haines will be required to compile on the heels of her confirmation to the role by an overwhelming bipartisan Senate majority Wednesday night.

The Washington Post reported Thursday that Biden also plans to send over a request to Haines this week to complete an assessment of the full impact of the Russian cyberattack on IT group SolarWinds, which counted much of the federal government as customers.

Haines was vocal during her confirmation hearing before the Senate Intelligence Committee earlier this week about her commitment to cybersecurity-related issues, pointing to the SolarWinds hack as illustrating the need for the U.S. to have a plan for how to respond to foreign cyberattacks.

“I think one of the great challenges that we face in the United States in particular is the asymmetry of the threat in cyber,” Haines said. “I think it is relatively easy for adversaries to hold at risk what are high value assets to the United States, given how much we rely on cyber to work for our economy, security, for so many different issues, at relatively low risk to them.”