Why spies are targeting vaccine research

The national imperative to hack the pharmaceutical supply chain

There are sound reasons why anxious governments are tasking signals intelligence services to track the progress of COVID-19 vaccines and treatments.

In February 2020, Chinese biotech BrightGene announced it had copied Gilead’s experimental viral inhibitor Remdesivir and been granted state approval to begin mass production under the name “Ridesivir*”.

At that point, clinical trials were still underway to confirm whether Remdesivir was effective against the coronavirus. BrightGene said it acted on a sense of national duty to begin manufacturing because if the drug proved effective, a Chinese company would already have a head start on saving lives. “The company regards imitating the R&D of Ridesivir as its social responsibility,” it told the Shanghai Stock Exchange.

Gilead - which had tried unsuccessfully to market its patented drug for over a decade to treat other viruses such as hepatitis C and Ebola - was presumably caught off-guard. While it made no public comment about the imitation, competition from a generic manufacturer could have caused trouble. In a revealing note to investors Gilead painted a picture of a complex and competitive supply chain, telling them Remdesivir is made from “novel substances with limited global availability”. Gilead itself could only begin production “once these materials become available in significant quantities.”

For a few weeks it looked plausible that a therapeutic developed by a US company and tested on US patients would be administered by a Chinese company to Chinese patients first. Responding to international pressure, Chinese authorities censured BrightGene in early March for misrepresenting that the state supported its initiative.

But it wasn’t the first time Chinese firms skipped the queue. During the Ebola crisis in 2014, Chinese biomedical firm Beijing Mabworks copied a treatment undergoing clinical trials in Canada, claiming that it got all the information it required to imitate the drugs from patent documents.

Risky.Biz asked a C-Level executive of a multinational biopharmaceutical company: could drugs like these be precisely reproduced based only on the contents of a patent document?

“That’s a lie,” the exec replied.

New tasking

From early on in the pandemic, Risky Business predicted that vaccine and treatment research would be highly prized targets for cyber-enabled espionage. The conditions looked ominous: a pandemic in the midst of a US-China trade war, aggressive Chinese claims in key shipping channels, and a US President threatening to cut funding to a World Health Organisation he accused of being captured by Chinese interests.

By April, the first belligerents were caught in the act. Shortly before the results of Phase 3 trials of Gilead’s Remdesivir were announced, threat researchers intercepted spear phishing emails sent to senior Gilead executives, directing them to fake email login pages designed to steal their usernames and passwords.

In mid-April, an unnamed Canadian biopharmaceutical company was compromised by a foreign threat actor, which the Canadian government said was “almost certainly attempting to steal its intellectual property.”

In the weeks since, the US, UK, Australia and Canada have each sounded warnings about the cyber-enabled espionage of organisations developing vaccines and treatments for COVID-19. The ACSC warned state-backed actors were “seeking information and intellectual property relating to vaccine development, treatments, research and responses to the outbreak, as this information is now of higher value and priority globally.”

A private sector executive with broad access to threat data told Risky.Biz that based on what has been intercepted to date, vaccine research appears the primary target, with a few exceptions among pharmaceutical manufacturers and firms that analyse the pharma sector. The attacks were so widespread - and the theft so rampant - that it wasn’t obvious what specific information the attackers were tasked with.

Most countries are signatories to agreements that prohibit theft of medical research. Dr Tobias Feakin, Australia’s Ambassador for Cyber Affairs told Risky.Biz that targeting research facilities to gain advantage in the vaccination cycle is “out of bounds” under agreed global norms.

“A pandemic is a time for transparent collaboration between governments, not for covert operations to steal other’s intellectual property,” he said.

This story tries to explain why so many countries are willing to risk international condemnation and hack for medical data. We talked to executives at large pharmaceutical firms, security leads at medical research labs, patent lawyers and academics to get insight into what information is privileged and what a country would gain by accessing it.

“I have likened this to the race to Quantum and the race to AI,” US Critical Infrastructure Security Agency Director Chris Krebs said in an interview with Risky.Biz.

“Whoever gets the vaccine first can have a significant advantage both in the market and domestically. It’s no surprise every foreign intelligence service is trying to figure out who is doing what, when and how. Everybody is trying to get ahead of this.”

What’s cooking?

The most obvious privileged information of interest to a state is the progress of research into vaccines and treatments.

International groups like the Coalition for Epidemic Preparedness Innovations and the World Health Organisation are urging vaccine research projects to collaborate and optimise global distribution of a successful vaccine. US President Trump has also tried to encourage information sharing between big pharma companies on the domestic front.

But pharma execs we spoke to described their participation in these forums as “lip service”. Meetings are attended, but lines are carefully scripted, with the interests of shareholders prioritised.

It costs around US$800 million, on average, to successfully bring a new drug to market in the United States. Profiting from such risky investments relies on secrecy, in the first instance, and the protection offered by patents.

The ‘patent bargain’ offers 20 years of monopoly rights to an invention (something both ‘novel’ and ‘non-obvious’). One or more patents can be applied to the molecule or constituent ingredients of a drug, how it is manufactured, how it is administered or how it is applied for a specific purpose. A company can also file an ‘umbrella’ patent for a new platform technology. In return for granted monopoly rights, the patent documentation must include any information required for the ‘best method’ of working that invention (such as making or administering the drug). More specifically, a pharmaceutical or biological patent typically requires an application to describe the preparation, use and efficacy of the claimed active agent.

The timing of patent applications - and their contents - is carefully considered. When a patent application is filed, it’s contents remain a secret for up to 18 months before the patent office examines it.

“As a competitor, you have an 18-month blind spot,” said Dr Mary Munroe, a senior associate specialising in life sciences and pharmaceuticals at Phillips Ormonde Fitzpatrick Intellectual Property. “I can see why people would be looking at ways to get that information.”

Patent protection systems in most countries use a ‘first to apply’ model - which means the entity that files for a patent first - assuming it is approved - wins the day, even if somebody else invented it first. Medical research - much like security research - is susceptible to collision events where multiple, independent parties arrive at similar conclusions at around the same time. Multiple research institutions might file patents on variations of the same general area of innovation, each unsure of whether the patent office will grant another inventor as first past the post. The winner of this race can use the monopoly rights afforded by an approved patent to impact a third party’s ‘freedom to operate’ for any related invention that comes afterwards.

So the timing of when a research project releases public information about a promising vaccine or treatment or files for a patent must be very carefully managed - and information about similar research projects has huge value. “A lot of money is spent protecting the intellectual property of assets,” one pharma executive assured us.


Considering the geopolitical tensions currently at play, the sourcing of precursors for any proven therapeutic will also be of interest to governments.

Bernhardt Trout, a professor of chemical engineering at the Massachusetts Institute of Technology explained that the manufacturing process for most pharmaceuticals is both globally distributed and unnecessarily inefficient.

Every stage in the manufacturing process for pharmaceuticals tends to take place in a different country. The majority of pharmaceutical precursors - most of which are synthetically-produced molecules - are sourced from China and India.

The first stage in the process applies chemical steps to precursors to produce an active pharmaceutical ingredient (API), which might be stored and shipped as a bulk powder to a different country. The next stage blends this API with additives and transforms it into the final dosage form (tablet, for example), and these in turn might be shipped to another country for packaging. The location of late stages in the process are often determined by preferable tax treatment or to counter counterfeit activity.

“This will typically take six months or more,” Professor Trout added, “mostly because of the transportation and holding between each step. If you added up the time spent at each of the steps, it’s probably only days. But the waiting time between the steps can quickly add up.”

Professor Trout has for some years advocated for the pharmaceutical industry to adopt continuous manufacturing techniques that streamline and automate the manufacturing process from a single, domestic facility - both for higher quality assurance and to reduce the sort of supply chain risks Gilead confronted earlier this year.

In May, the Trump administration ploughed hundreds of millions of dollars into new and largely untested local manufacturing companies, ostensibly to reduce US dependence on the global pharmaceutical supply chain. There is clearly a concern in the US that too much of the manufacturing process sits in countries hostile to US interests. The nightmare scenario would be for a foreign government to sequestrate APIs critical to a COVID-19 treatment before it leaves their ports.

Vaccines present an additional set of thorny supply-chain constraints. Vaccines are biologically-derived and often synthesised from living organisms. Vaccines for influenza, for example, where artificially created using fertilised chicken eggs. The aforementioned ZMapp Ebola treatment required mice.

To illustrate this complexity: Chinese companies made huge investments in pig farms around the world in recent years to shore up safer supplies of pork after African Swine Flu wreaked havoc on domestic Chinese pig farms. This inadvertently helped China corner the market for porcine thyroid API - a dried and powdered extract from the thyroid glands of pigs - which is used as supplements for humans with low thyroid activity.

At this point, it looks unlikely that a shortage of a particular ingredient will hamper global efforts to tackle COVID-19. But the biological ingredients of the treatment aren’t where supply chain risks end.

For a drug to be approved in the United States, the US Food and Drug Administration (FDA) doesn’t just certify what the drug consists of - it certifies the entire manufacturing process. This makes information about the specialised technologies and materials used to manufacture a drug or vaccine highly sensitive information.

If, for example, a drug is approved that uses a specific type of filter in the manufacturing process, the licensed manufacturer cannot swap out that filter without going through the certification process again. If a state-based actor finds out that a foreign company with a promising or competing therapeutic is going to use a particular filter in their vaccine development - and has the means to corner the market for that equipment - they can thwart that foreign business.

“A bad actor can mess with the supply chain in an almost infinite number of ways,” one pharmaceutical executive told Risky.Biz.

These issues rarely surface in news reports or require disclosure. Pharmaceutical companies usually prefer to handle supply chain crises internally, and employ specialist procurement teams that are tasked with identifying single-source risks and finding alternatives.

Professor Trout told Risky.Biz that supply chain information in the pharmaceutical industry is both complex and concealed. “You’d almost have to be in intelligence to figure out where everything comes from,” he said. “I don’t think most people in the [healthcare] industry would know where everything comes from.”


Many patent offices - especially the US Patent and Trademark Office - require an application to include the “best method” or mode of working an invention at the time the patent was filed. It must be sufficiently detailed so as to enable others to repeat the invention without themselves having to reinvent it. This attempts to entice an inventor to include trade secrets and process knowledge in the document.

But there are many good reasons why pharmaceutical companies thread the needle between providing sufficient information to satisfy a patent office, while keeping sensitive information about how a therapeutic is optimised a secret. And those optimisations tend to continue at pace during the 18-month pre-publication window before a patent application is examined.

Many secretive aspects of a manufacturing process don’t need to be disclosed in a patent. A company might get a 10% higher improvement in process efficacy from using the raw material described in a patent when the material is sourced from a particular supplier, for example. That’s a trade secret that is unlikely to be included in a patent application.

“That’s an amazing target for cyber attacks,” said Dr Munroe. “If you’re not relying on patent protection for that intellectual property - it’s value only holds as long as it remains a secret.”

This is the sort of information pharmaceutical companies believe state-backed actors are intent on stealing. Pharmaceutical companies know fully well what information was deliberately omitted from a patent that would nonetheless be required to effectively reproduce a drug. When they see claims a Chinese company reproduced a complex drug based exclusively on patent information, they feel cheated.

“They probably have other information,” one pharma exec told Risky.Biz. “They combine patented information with something they’ve stolen, with whatever they got from somebody they’re paying off, from something that fell off a truck. It comes from hacking into emails and databases. It comes from teams of people putting the pieces of the puzzle together. There’s no way you could piece together any of that from a patent alone. I can’t imagine Gilead or Moderna or any of these companies publishing all the testing know-how, the process manufacturing, the clinical trial design [in the patent] out of the goodness of their heart.”

Does it work?

Risky.Biz posed a question to all the people we spoke to for this story: “if as a government responsible for the wellbeing of its citizenry you had a SIGINT capability at your disposal, what secrets would you go after?”

“If I were a bad actor, there’s millions of things I could go after - either to hurt the supply chain or to steal IP,” a pharma executive replied. “It could be a particular type of analytical test to determine if something is pure, it could be a filter, it could be a mix of the ingredients… it’s almost infinite.”

But what if we assumed all states were motivated by very good intentions? All countries are motivated - if only for the sake of domestic politics - to save lives. Most would place saving lives above concern for intellectual property rights.

“My guess is [state-backed actors] just want to know if any of it works,” a cyber security exec speculated. “Everyone is working with imperfect information - that’s just where we are today.”

The Trump administration has no ethical qualms about investing in promising vaccine and treatment research on the proviso that a successful therapeutic is made available to the US first. The strings attached to these unilateral investments put them at odds with broader global efforts by the WHO and CEPI to ensure successful treatments are distributed equitably or to where they are most required.

When China is so willing to play by its own rules on IP, and the US so willing to buy exclusive access to successful remedies, it’s an open invitation for countries that would ordinarily play by globally-agreed rules to also deviate from them.

When a vaccine arrives, billions of doses will be required in countries that are all equally desperate to break out of national paralysis. The stakes have never been higher.

* Hilariously, we actually think this is a typo.

Subscribe to the Seriously Risky Business newsletter to read more stories like this.