Ballston Cybersecurity Startup Combats Vaccine Misinformation

Sponsored by Monday Properties and written by ARLnow, Startup Monday is a weekly column that profiles Arlington-based startups, founders, and other local technology news.

Ballston-based cybersecurity startup GroupSense is helping governments fend off targeted attacks on COVID-19 vaccine distribution.

The vaccine action plan, a modified version of GroupSense’s 2020 election plans, is a pivot that CEO and founder Kurtis Minder never envisioned when he established the company in 2014.

“We didn’t go seeking this out — it came to us,” he said.

Today, GroupSense helps a handful of local governments combat vaccine misinformation and negotiate with hackers targeting manufacturers in the vaccine’s supply chain. The company anticipates working with these municipalities for one year, but could extend that work if the protections are still needed later on.

During the 2016 and 2020 elections, GroupSense worked with municipalities, website hosts and social media companies to take down misinformation. After the 2020 elections, Minder said local governments asked GroupSense to secure their vaccine rollouts.

“It occurred to us that you could use this technology on vaccines,” Minder said.

GroupSense reports “disinformation” to local governments, which decide whether to take down or refute the claims, he said.

“If someone on Reddit starts a thread, it gives City Hall the opportunity to get into that conversation and post links to debunk that particular narrative,” Minder said.

While rumors run rampant on Reddit, bad actors working for foreign governments or themselves are taking advantage of the increased cybersecurity risks of remote work, he said.

“The remote-work problem has actually made ransomware easier,” he said. “Eighty percent of the time, the way the bad guy gets in, it’s because the company did not secure the network properly for work-from-home.”

Government-led attacks are originating from countries including Russia and Iran, he said. They are often aimed at stealing intellectual property related to vaccines, and are harder to detect and stop because the attackers have more resources.

Meanwhile, hackers looking to make a buck are demanding ransoms of small-scale businesses, such as refrigeration companies, which keep the vaccines cold, Minder said.

These hackers, from Russia, Moldova or Belarus, get access to a network, shut it down and demand a ransom, Minder said. They target “low-hanging fruit,” or businesses that are less likely to be secured against cyber threats and more likely to pay a ransom because the vaccine is in high demand.

“It just reinforced something we already knew: The security of the supply chain is really important to the outcomes of an organization,” he said.

GroupSense keeps track of these reports in a dashboard that it developed, Minder said. Federal law enforcement agencies have access to this dashboard, and use it to track attack trends, he said.

The CEO advises companies and governments to secure their remote access, teach employees about phishing, and ensure they only use private emails to sign up for non-work-related accounts.

This year, the company — located at 4040 Fairfax Drive, in the Marymount University building — reported 65% year-over-year growth, despite the pandemic.