How Does OSINT Support Supply Chain Security and Vaccine Distribution?
From PPE to vaccines, no event has illuminated supply chain vulnerabilities quite like the COVID-19 pandemic.
Supply chains have many moving parts, and any disruption along the way can slow or halt the flow of goods globally.
This can have a devastating effect on national security and public safety. For example, vaccine distribution delays can mean that unvaccinated populations are exposed longer, causing avoidable outbreaks and death. In some cases, disruptions—like IP theft early on in the supply chain—can cause geopolitical tensions and compromise national security.
We now know that very few supply chain managers were prepared for disruptions caused by the pandemic. Conventional supply chain security protocols, like emergency response plans and security details, are no longer enough to maintain visibility and avoid a reactive strategy. Additional resources, like open-source data, are required to help security teams find early warning indicators and monitor global locations proactively.
With access to the right information at the right time, governments and private enterprise can keep their supply chains more secure and keep their people and assets safer.
What do physical security risks look like throughout the vaccine supply chain—from manufacturing to distribution—and how does open-source data help?
When it comes to manufacturing, the vaccine supply chain doesn’t just include vaccine production plants. It encompasses the production of other supplies necessary for the vaccine rollout, like syringes and temperature-controlled shipping containers. Manufacturing facilities are globally distributed, and monitoring networks of supply chain locations is hard without on-site teams.
Like all stages of the vaccine supply chain, manufacturing facilities are at risk for targeted disruption by extremist groups opposed to vaccine rollout. In an advisory document published by CISA, active shooters, IEDs/IIDs, vehicular attacks, hijacking, theft, and small unmanned aircraft systems are all listed as physical security considerations for vaccine manufacturing plants.
According to the CEO of the European Arm of the Transported Asset Protection Association, vaccine distribution is “the biggest security challenge in a generation” for freight haulers.
Some individual vaccine shipments are valued as high as $70M, making them precious cargo and an attractive target for bad actors. As the vaccine rollout started, Interpol issued a global alert for increased theft and vandalism targeting vaccine shipments.
Stolen vaccines can be sold on the dark web. Transported vials may also be intercepted by groups opposed to the vaccine disrupting supply chains on principle, not profit.
The transport of a medical substance like the vaccine is also different from transporting stable goods. Because the vaccine relies on a cold chain, disturbing or damaging a shipment often results in destroying the entire load, not just tampered vaccines. This can result in even further delays as manufacturers make up for lost goods.
There’s also the chance of unintentional disruption, like traffic or weather disturbances that can compromise supply chain security.
According to CISA, protesters, insiders, criminals, and terrorists, all pose potential threats to vaccine distribution sites. These sites include clinics, satellite clinics (like stadiums or parking lots), and mobile distribution units. Transient clinics typically have less consistent and robust security protocols, making them more vulnerable to physical disruptions.
Open-Source Data for Supply Chain Security
How are these risks mitigated with open-source data?
Throughout the vaccine rollout, online data has supported the secure production and movement of Pfizer, Moderna, AstraZeneca, and Johnson & Johnson vaccines in the United States and abroad.
Supply Chain Monitoring: the Value of Social Media Data in a Crisis
Operation Vax (OPVAX), a collaboration between the Healthcare Distribution Alliance and the Hetherington Group, used open-source intelligence to detect and mitigate vaccine supply chain disruptions. This data was sourced from over 105,000 open and dark web sources, producing 45,000 threat alerts.
Open-Source Data Can Support Such Intelligence Teams By:
- Illuminating publicly-disclosed plans on forums, message boards, and other forms of social media to demonstrate near or target supply chain locations.
- Tracking the sale of counterfeit or stolen vaccines on the dark web.
- Providing early warning signs and real-time updates for supply chain security risks. This includes natural disasters, traffic delays, or targeted threats like an active shooter where social media is often the first source of information.
Much of these data are sourced from the deep and dark web, which is slow and unsafe to search manually. Filtering relevant data from the noise also requires specialized software to detect risk quickly. Echosec Systems supported OPVAX by delivering vital surface, deep, and dark web data to analysts relying on fast and easy access to online risk indicators for supply chains.
Supply Chain Visibility Is the Top Concern
In 2021, conversations about supply chain security have zeroed in on vaccines. But the reality is that most sectors rely on global supply chains to operate smoothly, pandemic or not. Like other security processes, COVID-19 has amplified existing vulnerabilities in supply chain management—and better supply chain visibility is now the top concern for supply chain executives in the next few years.
As we’ve seen through OPVAX, surface, deep, and dark web data helps improve that visibility. Now that software like Echosec makes relevant risk data easily and quickly detectable, organizations can stay better informed and prepared when supply chain security is compromised.
Does your organization need to monitor global facility threats? Book a Consultation to see if you're overlooking any security threats.