To prevent COVID-19 from further spreading and disfiguring the socio-economic fabric, the world has been keenly banking on vaccines that, to everyone’s relief, are finally nearing completion and becoming ready for general use. Apparent exultation about the news of vaccines after languishing in isolation, lockdowns, bereavement, social distancing and work from home comes as no surprise. But this joy can be short-lived with a lot of evil eyeballs tracing the vaccine’s movement. Hackers are already leaving no stone unturned to disrupt the supply chains and reap rewards from companies handling the COVID-19 vaccine supply chains. As per IBM Security X-Force, hackers have begun to target companies associated with the storage and transportation of COVID-19 vaccines using temperature-controlled environments.[i]
Attacks on the vaccine’s supply chain will be costly and life-threatening
Cyberattacks on the vaccine’s supply chain are not good news and can be costly as well as life-threatening. Hackers keenly want to gather information regarding the distribution network of coronavirus vaccines and the technology involved for keeping them refrigerated in transit. For this, they are targeting employees working in the supply chain companies, the weakest link, using phishing and spear phishing tactics. One click can cripple all the plans to immunize the masses. If vaccine’s supply chain players do not have a Zero Trust approach married to their cybersecurity strategy, one click by an employee on the hackers’ email can cost everyone heavily in the ecosystem, most of all the virus-affected people.
Why Zero Trust is critical to the safe delivery of the vaccine to affected people
In the age of digitalization and cloud, where perimeters have become irrelevant and traditional approaches to security do not stack up against the sophistication of today’s threats, the adoption of Zero Trust can give the vaccine’s supply chain players the necessary and robust base to prevent threats and sophisticated attacks. Zero Trust focuses on reducing the attack surface and impact using various technological approaches such as identity validation, privilege management, and endpoint isolation.[ii] First introduced by Forrester analyst, John Kindervag, in 2010, the Zero Trust approach secures against all attacks, both external and internal, treating every interaction with the endpoint or server as a threat.[iii]
With Zero Trust assimilated right into the security stack, the web activity and web browser will be so secure that no actor will be able to harm the network. Zero Trust security methodologies do just this by operating under a policy of “never trust, always verify,” thereby ensuring no unauthorized access is ever granted to the endpoint or network.[iv] By implementing a solution based on the principles of Zero Trust, they can minimize the risk.
Browser isolation prevents attacks on the supply chain
Built using the Zero Trust security model, remote browser isolation (RBI) has lately emerged as one of the powerful options for organizations to isolate threats before they hit an employee’s web browser. In the case of vaccine’s safety in transit, RBI can be a game changer tool as it can handle the 90% of successful endpoint compromises that involve the browser, including ransomware, spear phishing, malvertising, credential theft and social engineering.[v] It stops threats at the door by neutralizing the critical categories of web, email, and document-based threats. By filtering all incoming code and isolating it on a remote virtual browser and streaming only harmless pixels back to your screen, browser isolation fetches, executes and renders all content remotely.