Cyber Incident Victim: Georgia's National Center for Disease Control and Public Health
Date: Jul 2021
Location: Georgia
Summary
A cyberattack targeted Georgia's National Center for Disease Control and Public Health, disrupting its COVID-19 vaccination registration portal during a critical vaccination campaign. The incident prompted an investigation by authorities under computer crime laws, and services were restored approximately one day later, allowing citizens to resume booking appointments. The attack temporarily hindered public access to vaccine scheduling amid increased pandemic response efforts.
Description
In early July 2021, Georgia faced a disruptive cyberattack targeting its COVID-19 vaccination registration system during a critical public health period. On July 2, the country received one million doses of Sinopharm and Sinovac vaccines from China, prompting the opening of an online reservation portal at booking.moh.gov.ge for public registration. The following day (July 3), the portal was compromised by hackers, rendering it inaccessible and halting vaccination sign-ups nationwide. Georgia's Ministry of Internal Affairs promptly initiated a criminal investigation under Articles 285 and 286 of the Criminal Code, which address illegal use of and interference with computer systems and data. Technical teams worked to restore functionality while authorities examined the intrusion's mechanisms. By July 4, approximately 24 hours after the attack began, the National Center for Disease Control & Public Health confirmed through its Facebook page that the booking system had been fully restored. The center encouraged citizens to resume vaccine registration through the operational platform, though no technical details about the attack vector or restoration process were disclosed publicly.

The incident occurred amid a significant COVID-19 case surge following the relaxation of pandemic restrictions, directly impeding vaccination efforts during a time of heightened demand. While no data theft or ransomware involvement was reported, the service disruption temporarily delayed Georgia's mass vaccination campaign on the first weekend after receiving substantial vaccine shipments. The National Center for Disease Control maintained public communication through its social media channels to provide restoration updates, though it did not specify whether historical appointment data was affected. Law enforcement's investigation remained ongoing with no immediate attribution to specific threat actors. The attack highlighted vulnerabilities in critical health infrastructure during emergency operations, though systemic consequences were mitigated through rapid system recovery and preserved vaccine distribution logistics outside the digital booking platform.
