I’ve been watching stories in recent months about COVID vaccines for obvious reasons. When I first saw discussion around the idea that vaccines would become available through the black market, my initial reaction was to roll my eyes, think, “Duh!”, and close the tab. As various aspects of technology came into play, this became more interesting: the tech involved in managing the vaccines, in diverting them, in making black market vaccines or ‘alternatives’ discoverable, and in protecting or preserving official chains of access.
First, there are significant tech constraints on vaccine provision that make it challenging to divert actual vaccines into alternative non-authorized channels. The freezers required to transport or store the vaccines are a huge barrier for most, as is the need for rapid delivery of the vaccine once unpacked. The logistics are nightmarish and require tight controls. Personally, I find it hard to believe an unauthorized supply chain could do this successfully on a dependable basis. Chances are that vaccines through these channels would be either fake, fraudulent, adulterated, damaged, or otherwise unlikely to work, so why take the risk?
The earliest concerns expressed were about fake or fraudulent vaccines (and PPE, of course), especially since the FDA sees this happening with many major health topics, and it has been big with earlier COVID ‘treatments’ and prevention strategies. Operation Quack Hack started in May 2020, and by June had identified “more than 700 fraudulent and unproven medical products related to COVID-19.” I’m not sure I want to know how many they’ve found now, almost a year later! The FDA collaborated with domain registrars to persuade online retailers to remove questionable products, as well as to take down related websites. More recently (February 3, 2021) the FDA released resources encouraging the public to be wary of fake vaccines in addition to the fraudulent tests and treatments.
Possibly a more serious risk comes from diversion of actual COVID vaccines, which takes a lot of different forms. The simplest is people who fudge their replies, stretch the truth, or outright lie on their vaccine eligibility survey in order to skip place in line. According to the Advisory, these happen mostly through inflating personal health risks, people or social systems claiming certain individuals are groups qualify as essential workers, using advantages not available to all, or outright cheating. The more worrisome version is when healthcare providers are involved. More on that in a few paragraphs.
It would be one thing if these were the only thing we had to worry about. In mid-November 2020, Transparency International released Vaccinating Against Corruption, opening a public conversation around logistical and ethical challenges with vaccine distribution, as well as a range of policy, oversight, and tech options for addressing these.
“National allocation frameworks must be developed transparently and collaboratively to ensure that distribution is equitable, and access to vaccines doesn’t become a weapon to discriminate against vulnerable groups. We are also looking at how we can work with governments and those distributing vaccines to ensure that supply chains have corruption safeguards in place, and to ensure that systems are in place to actively monitor the implementation of the framework and vaccine rollout. These could range from the technologically complex, using RFID tracking on vaccines, through to awareness campaigns on reporting attempted corruption, and community-led distribution monitoring.”Cushing, Jonathan. Vaccinating Against Corruption. Transparency International. November 13, 2020.
At the same time, China was already in the throes of coping with black market distribution of COVID vaccines, with scalpers charging hundreds of dollars for a single injection (which may or may not be effective), and people diverting actual vaccines by claiming professional need to travel. In weeks following this announcement there were increasing media reports and interviews around how the rich, privileged, and powerful are not only able to manipulate the system to their benefit, but that the system is constructed to make it easy for them to do so.
“The U.S. health care system is generally designed to give preferential treatment to those with wealth and connections, ethicists said. “When we talk about the concept of individuals being able to get to the front of the line, that’s not difficult, because our system is designed to advantage those people with means like that,” said Tuskegee’s Ellis. “They don’t have to really do anything sinister. All they have to do is access the system that they are a part of.””‘There absolutely will be a black market’: How the rich and privileged can skip the line for Covid-19 vaccines, by Olivia Goldhill and Nicholas St. Fleur (StatNews Dec. 3, 2020)
It isn’t as simple as it sounds, though. When we talk about high profile individuals receiving early and preferential access to medical treatment like the COVID vaccine, that could be a good thing or a bad thing. Are they cheating the system? Are they demanding access other folk don’t get? Are they setting a good example and modeling behavior we want adopted by the general public? Are they in a position where many others depend on their health and well-being for their own survival or success? For example, I would want to insist that the President of the country be vaccinated as soon as possible, but if it was a wealthy but not-particularly-famous person in good health and of moderate age who just happened to pay for concierge care, well, that’s more ethically questionable. It’s not a clearcut good or bad, but depends on the context.
As vaccine availability and access shifted closed to the general public, the issues became more prominent. Concerns were expressed about vaccine diversion by those in the production and distribution pipeline, from factory to clinic. More news became available about challenges, scams, and scalpers in China, and those issues moved from China outward to the rest of the globe. The underground or black market around this expanded, and those nefarious elements targeting the COVID vaccine access pipeline touched on every aspect, from individual providers to the ultra-cold storage trucks and shipping, with hackers involved in diverting shipping, tracking shipments, or threatening those responsible for managing the shipping processes. Some thrilling reporting was starting to come out. I’d like to highlight just a few pieces for your attention.
StatNews had an article detailing mechanisms that were or could be used for abuse of vaccine access, with key concerns focusing on the point of delivery as most vulnerable. They interviewed a variety of experts who described ways to combat this, ranging from sophisticated technologies like artificial intelligence and radio tracking to social controls like public shaming.
“But bioethicists believe pharmacies, urgent care clinics, and doctors’ offices are among the most vulnerable points along the distribution chain. The state-line divides within the health care system make it especially vulnerable to abuse. “There’s far less scrutiny of state legislative and regulatory bodies than at the federal level,” said Potter. “The fragmentation makes gaming the system easier and more likely.””‘There absolutely will be a black market’: How the rich and privileged can skip the line for Covid-19 vaccines By Olivia Goldhill and Nicholas St. Fleur (Dec. 3, 2020) https://www.statnews.com/2020/12/03/how-rich-and-privileged-can-skip-the-line-for-covid19-vaccines/
Coming from China’s Global Times was a vivid report of the range and variety of less-than-legal approaches utilized in selling and acquiring vaccines. The most shocking to me was the idea of giving both vaccine shots at the same time, because, [sarcasm]sure, that’ll work just fine, won’t it?[/sarcasm] They also described scalpers claiming to work for the vaccine production companies; heavy use of social media to target naive victims; falsifying identity or employment to fast track people onto schedules for legitimate vaccines; using attempts to acquire illegal vaccines for identity theft information harvesting; the dark web; counterfeit vaccines that look exactly like the real thing, counterfeit vaccines shipped to other countries, and hospitals in those countries sometimes being duped into purchasing and delivering fake vaccines. As soon as hospitals found out this was possible, security around acquiring vaccines ramped up even higher, and in the USA vaccines are being delivered through government channels in part to avoid getting bad vaccines mixed with good ones.
“”I can secure you a dose of Sinopharm with a very competitive price of 3,000 yuan ($458) for two doses, getting injected in a first-class public hospital in Beijing. Many like you have approached me asking for quick accessibility, and no one reported any serious adverse reaction so far,” Xiao said when peddling COVID-19 vaccines via WeChat to a Global Times reporter who pretended to be a student going abroad and desperate for vaccine.”Coveted COVID-19 Chinese vaccines provoke social media scams, scalpers targeting overseas Chinese. Global Times. https://www.globaltimes.cn/content/1209931.shtml
NPR went into more detail about the dark web in their interview with Chad Anderson, from cyber-security firm DomainTools. In addition to issues and problems already described, Anderson described illegal marketplaces, cryptocurrencies, escrow for your illegal drug/vaccine purchases, hackers targeting hospital patient data as well as cold storage shipping required for the vaccines.
“”ANDERSON: Dark Market (ph) is the largest one, and it’s the first market run entirely by women.
VANEK SMITH: I have very mixed feelings about that. I’m like, part of – my brain is like, that’s great, go women. And part of me is, like, very conflicted, very conflicted about that.
ANDERSON: Yeah. Well, they don’t allow fentanyl. They don’t allow explosives or human trafficking.”
“VANEK SMITH: Back in October, one hospital in New Jersey paid cybercriminals more than $650,000 after the criminals locked up their computer systems and threatened to publish all of their patient records.
GARCIA: But it’s not just hospitals that criminals are targeting. Remember – the Pfizer vaccine needs to be kept really cold, and not many companies specialize in that kind of ultracold transport, and most of them probably don’t have super advanced security systems. So now cybercriminals are seeing a major opportunity targeting those cold storage companies.”The Underground Market For Vaccines (December 17, 20205:47 PM ET) https://www.npr.org/2020/12/17/947734522/the-underground-market-for-vaccines | https://www.npr.org/transcripts/947734522
I was really impressed with the Los Angeles County Department of Public Health, who have produced a brilliant set of resources for the general public about how to identify these COVID-related scams, including a vaccine-specific resource. They warn people how to tell if a contact tracer is legitimate, that government-authorized COVID activities are never tied to Social Security payments, how to protect yourself against health insurance fraud tied to COVID tests or vaccines, identity theft, fake charities, fake helpers offering to deliver groceries or medicines, stimulus check scams, miracle cures, dangerous products like some hand sanitizers, and so much more.
“A RED FLAG is a warning sign or signal that something might be a scam. Look out for these COVID-19 vaccine red flags: Someone offers to move you into an earlier group to get the vaccine for a fee. Someone tries to sell you a place on a COVID vaccine waiting list. There is no “vaccine waiting list”. Someone on the street, online, on social media, or knocking on your door tries to sell you a shot of vaccine.”Be a smart health care consumer: COVID-19 Vaccine Scams. http://www.publichealth.lacounty.gov/media/Coronavirus/docs/about/COVIDVaccineScams.pdf
Things started moving closer to home (as in the USA). Following on the heels of COVID vaccine fraud in China came stories of Chinese nationals in other countries covertly receiving vaccines approved for use in China, but not in the country where they reside. “Vaccine diplomacy” has become a buzzword that is overwhelming the news media — just try searching it in Google to get a sense of the global scope of the competition among nations to become a leader in controlling access to COVID vaccines.
“The message in late December wasn’t meant for Jesse, a newcomer working at an offshore gambling operator in the Philippines. But her eyes fell on a group chat on her colleague’s unattended phone, detailing plans to administer coronavirus vaccines this month to her Chinese co-workers.
Her colleague had sent their peers a reminder “to make sure when they get vaccinated, they have to wear long sleeves . . . to cover the cotton after the injection,” said Jesse, a Filipino who chose to go by her nickname for fear of reprisal. “And you’re not supposed to say anything to other employees.”
No coronavirus vaccine has been approved for general use in the Philippines, nor is one expected to arrive, officially, until at least February.”
A black market for illegal coronavirus vaccines is thriving in the Philippines (Jan. 17, 2021 at 6:29 p.m. EST) https://www.washingtonpost.com/world/asia_pacific/vaccine-coronavirus-chinese-workers-philippines/2021/01/16/e5126c88-4f09-11eb-a1f5-fdaf28cfca90_story.html
The Pfizer COVID vaccine had received emergency use authorization from the FDA December 18th, 2020, and then moved into distribution, with a media splash kickoff event of notables receiving the vaccine on December 21st. By early January, there were already reports in the news of vaccine inequities in delivery to schools, redirection of vaccine doses from retirement homes to wealthy folk, and hospitals’ big donors getting preference. Perhaps the saddest story was of an honored paramedic reportedly threatened by his boss if he didn’t steal vaccines for him.
Polk County ‘Paramedic of the Year’ arrested in theft of COVID vaccines https://www.woodtv.com/covid-19-vaccine/polk-county-paramedic-of-the-year-arrested-in-theft-of-covid-vaccines/
“According to the police report, 31-year-old Joshua Colon stole three doses’ worth of the Moderna vaccine, then forged the vaccine screening and consent forms.
Colon reportedly told detectives he was directed to do so by his supervisor, a captain with the fire department who Grady said will likely be arrested upon his return home from vacation.”
“Colon told detectives that on the day of the incident, his supervisor joked with him about getting some vaccines vaccines for his mother. He said he was told by his supervisor to report the vaccines as being no good. Colon told detectives he refused to provide those vaccines to his supervisor, at which time his supervisor threatened he would tell a higher up in the chain of command that Colon was selling the vaccines outside of work.”
It should not surprise anyone that various experts and organizations started offering events and webinars with guidelines on how to prevent the COVID-19 vaccine black markets that had already emerged elsewhere.
In February, things broke loose, and the reports got wild. More public reports of cyber criminals identifying shipments to steal. Hackers attempting to steal formulas or other vaccine-related information to enable the production of fraudulent or counterfeit vaccines. Artificial intelligence used to identify healthcare providers or volunteers who redirected or misdirected or diverted vaccine resources, specifically through behavioral analytics. Meanwhile, behavioral analytics were already being used to try to encourage vaccine adoption. Cars stolen with vaccines inside. Vaccine appointment information falsified and the vaccines delivered to children who weren’t legally eligible. Vaccines thrown out accidentally as ‘extra’ dry ice. Scam registration sites harvesting people’s personal information and not delivering the expected vaccine. Heightened awareness of and push-back against concierge care in medicine because of perceived vaccine access inequities. Healthcare IT News had a great overview article collecting many of the tech issues and strategies around vaccine access and delivery.
“”In a manufacturing plant you could have armed guards,” who prevent theft, Knight pointed out. But as a medication moves through the “chain of custody,” he said, “the closer you get to the patient, the less oversight there is and the easier it is to steal the vaccine or the medication.””Analytics: A weapon against the COVID-19 vaccine black market: Theft and fraud are becoming major patient safety issues – and experts say the patchwork nationwide approach to COVID-19 vaccine distribution could be making matters worse. By Kat Jercich (February 01, 2021 02:17 PM) https://www.healthcareitnews.com/news/analytics-weapon-against-covid-19-vaccine-black-market
“Invistics uses machine learning and analytics to flag suspicious signs of strange medication behavior. But, as other experts pointed out, the danger of vaccine stealing may go beyond physical security: There’s a potential cyber element as well.
“If sensitive formulas or research are stolen on how to produce the vaccine, other rival nation-states or even rogue laboratories could potentially produce illegal vaccines and sell them on the black market,” noted Trevor Daughney, vice president of product marketing at Exabeam, which develops security analytics technology.
“In addition, if distribution plans are found and downloaded, cybercriminals might become criminals in the physical world by tracking down and stealing shipments to sell,” Daughney added.”
Bots used to manage vaccine appointment slots was complicated. There were so many problems getting vaccine appointments, that some of the bots were actually tools designed to help legitimate patients access appointments for which they were eligible. The flip side of this was, however, that not everyone has equitable access to the tools and technology and information to make it possible to access these tools. Then there were less nuanced cases in which bots hijacked vaccine appointments and redirected them to scalpers or patients outside the target audience.
““THANK YOU! THANK YOU! THANK YOU! I GOT MY DAD AN APPOINTMENT! THANK YOU SO MUCH!” tweeted Benjamin Shover, of Stratford, New Jersey, after securing a March 3 appointment for his 70-year-old father with the help of an alert from Twitter account @nj—vaccine.EXPLAINER: Meet the vaccine appointment bots, and their foes: Having trouble booking a COVID-19 vaccine appointment online. By MATT O’BRIEN and CANDICE CHOI (February 25, 2021, 11:40 AM) https://abcnews.go.com/Health/wireStory/explainer-meet-vaccine-appointment-bots-foes-76111489
The success came a month after signing up for New Jersey’s state online vaccine registry.
“He’s not really tech-savvy,” Shover said of his father in an interview. “He’s also physically disabled, and has arthritis, so it’s tough for him to find an appointment online.””
“But the person who created a bot that’s now blocked in Union County, 24-year-old computer programmer Noah Marcus, said the current system isn’t fair, either.
“The system was already favoring the tech-savvy and the person who can just sit in front of their computer all day, hitting refresh,” Marcus said.”
“Walgreens said it is using cybersecurity techniques to detect and prevent bots so that “only authorized and eligible patients will have access to schedule a vaccine appointment.” CVS Health said it’s encountered various types of automated activities and has designed its appointment-making system to validate legitimate users.”
Then, naturally, there is also AI and increased security efforts to protect vaccine appointment systems against scalpers and related activities. Are you complaining about how hard it is to get an appointment? Some of those barriers and frustrations may be directly tied to efforts to protect vaccine appointments from being stolen by scalpers.
“To do so, security measures such as bot detection and prevention will play key roles in delivering this critical service to patients.”
CVS said its program could thwart bot attacks. “Our vaccination appointment site has a layered defense that includes capabilities to detect automated cyberattacks, such as botnets. Those capabilities, together with our application design and user input validation, enable us to validate legitimate users,” a CVS Health spokesman said.”
“The complexity of securing vaccine appointments from the government, even without explicit evidence of bots tampering the process, inspired a few programmers to create website monitoring programs like Georgia Vax, Visualping and NYC Vaccine List, which alert people to available appointments at a local level for free.”FOCUS-Walgreens, CVS beef up protections against threat of ‘bot’ attacks on vaccine program. https://www.reuters.com/article/health-coronavirus-scalpers/focus-walgreens-cvs-beef-up-protections-against-threat-of-bot-attacks-on-vaccine-program-idUSL4N2KB3NE
- Tech is a double-edged sword that can be used for good or harm, and it isn’t always clear which is which.
- Be careful, stay safe, use trusted resources of information.
- Get vaccinated! But get vaccinated safely, appropriately, and without causing harm to yourself or anyone else.
And with that, I’m off to get my shot.
Other Sources & Snippets
COVID Vaccine Tracker https://www.nytimes.com/interactive/2020/science/coronavirus-vaccine-tracker.html