Vaccine ‘cold chain’ distribution network targeted by hackers, IBM says
3 December 2020, 13:04
The US tech giant said the attack had the ‘hallmarks’ of being carried out by a nation state.
International organisations involved in distributing Covid-19 vaccines have been targeted by possible state-linked cyber spies, according to IBM.
The US tech giant said it had uncovered a “global phishing campaign” it believes started in September, targeting those associated with the “cold chain” for storing and transporting vaccines at the right temperature.
Vaccines such as the recently approved Pfizer-BioNTech jab – which was not identified as a target – need to be kept at -70C (-94F).
It is not clear who carried out the attack but security researchers said it had the “hallmarks” of a nation state being behind it.
“Without a clear path to a cash-out, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets,” IBM said.
“Likewise, insight into the transport of a vaccine may present a hot black market commodity, however, advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation state target.”
The attempt spanned six countries linked to the Cold Chain Equipment Optimisation Platform (CCEOP) of Gavi, the international vaccine alliance which helps distribute jabs to some of the world’s poorest countries.
Those responsible impersonated a business executive from Haier Biomedical, a legitimate member company of the Covid-19 vaccine supply chain.
They then sent malicious, fraudulent emails to organisations involved in transportation, in a possible attempt to steal login details and thereby gain unauthorised access to sensitive information about distribution.
Targets included the European Commission’s Directorate General Taxation and Customs Union, companies associated with manufacturing solar panels to keep vaccines cold, a South Korean software development firm and a German website development company with pharmaceutical manufacturers among its client list.
“Given the specialisation and global distribution of organisations targeted in this campaign, it’s highly likely that the adversary is intimately aware of critical components and participants of the cold chain,” IBM said.
It is unknown whether the perpetrators succeeded, but those affected and the authorities have been notified about the operation.