INDIANAPOLIS – With more vaccine appointments expected to be available soon, security experts are warning that U.S. retailers and pharmacies disseminating vaccines could be the next potential target of “bot” attacks by scalpers.
“There is absolutely someone out there that is considering doing these sort of actions in order to affect the national security of our country and the safety and well-being of our citizens and other folks that are here,” said Dr. Russell Handorf.
Handorf is a Principal Threat Intelligence Hacker of the Threat Intelligence Team at White Ops. This is a cybersecurity company that protects businesses against automated threats. Handorf is also a former FBI Computer Scientist.
These so-called “scalper bots” are known for cutting digital lines. They stockpile limited-supplies of high-demand items within milliseconds of their release.
“Scalper bots are a subset of targeted activity that can go against any online forum or application or store presence,” said Handorf.
Handorf said these bots take a coordinated activity against a platform. Usually, this is for the benefit of the person or persons behind the operation.
“They want to have an effect, good or bad, whatever it is, but they instruct the infections or endpoints or the software app ultimately at the end of the day, to take these actions on their behalf at scale,” he said.
A recent example was over this past holiday shopping season. scalper-bots attacked major retailers, snatching up new electronics, like PlayStation consoles. This made them nearly impossible to find. The electronics made their way to online auction site with higher markups.
Handorf said he has observed ‘a lot of preventative action underway’ to protect against bot attacks on coronavirus vaccination appointments. However, “knowing there are adversaries out there that will not, they [scalpers] will stoop to the lowest of the low.”
“They will detonate ransomware on a hospital that has direct impact on the life and safety of other people,” he said.
The motivating factors of scalper-bots are generally specific toward the inventory affected.
The reason, Handorf said, scalpers may target vaccine appointments would be to have “an adversary influence or delay or impact the speed in which we can recover as a society.”
“That influence goes on to planning out the domino effects of having negative consequences for those individuals that are affected by their inability to gain access to those resources,” Handorf said.
Handorf said companies should be vigilant of the threats. They should work to engage their teams ‘appropriately’ and ‘judiciously’ to get in front of it before it becomes a problem for them.
“Be aware of the threats, be aware that there’s someone out there on this planet that wants something you have, that you know or that you are,” Handorf said.
“I just hope that the companies that are building this infrastructure, that make the signups for the access to the portals, are thinking about these particular challenges,” said Handorf.
FOX59 reached out to several retailers to ask about their security measures in place.
A spokesperson for CVS Health sent FOX59 this statement.
“Our online vaccination appointment site has a layered defense that includes capabilities to detect automated cyberattacks, such as botnets. Those capabilities, together with our application design and user input validation, enable us to validate legitimate users.”
A Walgreens corporate spokesperson sent FOX59 this statement
We recognize during these unprecedented times cybersecurity threats pose a constant risk. With that backdrop, we are continually evaluating and investing in our programs and technology as required to provide safe, secure, and accessible services to all customers and patients. This is part of Walgreens DNA.
We currently have a team of subject matter experts across the company focused on planning and preparing for the delivery of Covid-19 vaccinations to the general public, once available, which includes my Information Security team.
The Walgreens team is working to ensure only authorized and eligible patients will have access to schedule a vaccine appointment. To do so, security measures such as Bot Detection and Prevention will play key roles in delivering this critical service to patients.
