COVID-19 Vaccine Production Shutdown at Four US Facilities

The Federal Drug Administration (FDA) announced this afternoon that production of COVID-19 vaccines had been brought to an abrupt stop at manufacturing facilities for all four types of vaccines currently approved for distribution in the United States. Manufacturing processes at all four of the production facilities stopped at 9:00 pm EST last night. An undisclosed number of production batches were effectively ruined when the manufacturing control systems monitoring production stopped operating and control was lost.

Clark Stanley told reporters this morning that there had been no injuries or hazardous chemical releases reported at the facilities affected by the production upsets. “Unfortunately,” Clark said, “there were millions of doses of the various vaccines that were destroyed in the attack. Every batch in production at the time of the stoppage will have to be destroyed; we have no way of knowing what was happening in the reaction vessels when the facilities lost view of the processes.”

The Federal Bureau of Inquiry (FBI) and the National Critical Infrastructure Security Operations Center (CI-SOC) are both investigating the apparent computer attack on these facilities. General Buck Turgidson (USA Retired) reported via video link from the CI-SOC. “Our initial investigation discloses that each facility received multiple phishing attacks via emails that were sent from FDA accounts. Those emails were sent from FDA servers and directed the receivers to fill out on-line forms that were also housed on FDA servers. Those forms and email accounts were established by attackers during the SolarWinds compromise.”

Dragonfire Cyber is conducting the on-site investigations for CI-SOC. Dade Murphy, CTO for Dragonfire, told reporters at today’s news conference that they were still in the early stages of the investigation. “We have determined that there is very little in common in the control systems used at the four facilities. We are beginning to suspect that the vulnerability exploited in this attack may be in one of the subcomponents that are used in multiple systems; maybe a DLL vulnerability.”

FBI cyber investigation teams are looking at the affected servers at the FDA regional office in Denver. Johnathan Quest confirmed what was reported by Turgidson. “Our teams have found the email account and the compromised forms on one of the servers in the Denver office. The email account has been active since January of last year. There has been a great deal of information requested and received from vaccine manufacturers by the account since it was established. Copies of all of that communication had been forwarded to command-and-control servers associated with the SolarWinds compromise that had only been identified in the last two weeks.”

Clark closed out today’s news conference by confirming that the FDA had ordered all vaccine manufacturing halted until the affected control systems could be cured of their current infections.

CAUTIONARY NOTE: This is a future news story – Future ICS Security News