Hackers targeting Covid-19 vaccine cold chain, warns IBM

Published: Dec 3, 2020, 7:13 pm IST
Hackers targeting Covid-19 vaccine cold chain, warns IBM

San Francisco: Tech giant IBM on Thursday said its team has uncovered a global phishing campaign targeting organisations associated with a Covid-19 cold chain.

The cold chain plays a very important role in vaccine supply chain by ensuring the safe preservation of vaccines in temperature-controlled environments during their storage and transportation.

This calculated operation targeting organisations linked to Covid-19 cold chain started in September, IBM said in a blog post.

The Covid-19 phishing campaign spanned across six countries and targeted organisations likely associated with Gavi, The Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) programme.

While the identity of the attackers could not be determined definitively, the precision targeting of executives and key global organisations hold the potential hallmarks of nation-state tradecraft, IBM said.

The analysis of the campaign showed that the attackers impersonated a business executive from Haier Biomedical, a credible and legitimate member company of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP programme.

Disguised as this employee, the cyber criminals sent phishing emails to organisations believed to be providers of material support to meet transportation needs within the Covid-19 cold chain.

“We assess that the purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorised access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution,” Claire Zaboeva, Senior Strategic Cyber Threat Analyst at IBM wrote in the blog post.

The targets included the European Commission’s Directorate-General for Taxation and Customs Union, as well as organisations within the energy, manufacturing, website creation and software and internet security solutions sectors.

These are global organisations headquartered in Germany, Italy, South Korea, Czech Republic, greater Europe and Taiwan.

The spear-phishing emails were sent to select executives in sales, procurement, information technology and finance positions, likely involved in company efforts to support a vaccine cold chain.

The tech giant has urged companies in the Covid-19 supply chain to be vigilant and remain on high alert during this time when vaccine supplies have become crucial to beat the pandemic.

In conjunction with this blog, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert encouraging organisations associated with the storage and transport of a vaccine to review this research and recommended best practices to remain vigilant.

218 Views