Hackers Target Coronavirus Vaccine Supply Chain

The international Coronavirus vaccine supply chain has been targeted by cyber-espionage, according to reaearchers at IBM. Unknown hackers have been trying to compromise accounts and computer systems of employees in various organisations involved in the COVID-19 vaccine supply chain.
 
The hackers have been trying to break into the supply chain that will help COVID-19 vaccines get delivered at the required deep-freeze temperature. While it’s obvious that their spear-phishing emails are aimed at harvesting login credentials, their final goal is likely to get their hand on as much information as possible, according to IBM Security X-Force
 
It’s unclear whether their attempts have yet been successful. IBM says it tracked a campaign aimed at the delivery "cold chain" used to keep vaccines at the right temperature during transportation. The attackers' identity is unclear - but IBM said the sophistication of their methods indicated a nation state.It follows warnings from governments - including the UK's - of countries targeting aspects of vaccine research.
 
Phishing Emails
 
IBM says it believes the campaign started in September when phishing emails were first sent out across six countries, which targeted organisations linked to the Cold Chain Equipment Optimisation Platform (CCEOP) of Gavi, the international vaccine alliance. Gavi's partners include the World Health Organisation, Unicef, the World Bank and the Bill & Melinda Gates Foundation. They help distribute vaccines around the world to some of the poorest regions and this sometimes requires a "cold chain". 
 
Malicious Code
 
The Pfizer-BioNTech vaccine - which was not the specific target of this campaign - needs to be kept at a temperature of about -70C as it is moved about. The attackers impersonated a business executive from a legitimate Chinese company involved in CCEOP's supply cold chain to make it more likely the targets would engage with the email. They then sent phishing emails to organisations that provided transportation, which contained malicious code and asked for people's log in credentials. 
 
That could have allowed them to understand the infrastructure that governments intended to use to distribute vaccines.  "Advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target," IBM says.
 
According to IBM  the wider targeting included:  
 
  • The European Commission's Directorate General Taxation and Customs Union.
  • Companies involved in manufacturing solar panels, which can be used to keep vaccines cold in places where reliable power is not available.
  • A South Korean software-development company.
  • A German website-development company, which supports clients associated with pharmaceutical manufacturers, container transport, biotechnology and manufacturers of electrical components for communications
The hacking campaign was uncovered by an IBM Security team set up at the start of the pandemic to track down Covid-19 cyber threats. "The precision targeting and nature of the specific targeted organisations potentially point to nation-state activity.... Without a clear path to a payout, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation." IBM said.
 
Intelligence Gathering
 
IBM says it has notified those targeted as well as law-enforcement authorities.In July, the UK warned Russian intelligence had targeted UK vaccine research, including the British Astra Zeneca project in Oxford. The US authorities have warned of Chinese hacking, while Microsoft has said it had seen North Korean and Russian hackers targeting vaccine research. US officials suggested the activity so far had been about intelligence gathering rather than disruption of any research.
 
 IBM         US-CERT:    CISA:     Business Insider:       Help Net Security:     BBC
 
You Might Also Read: 
 
Covid Vaccine-Maker Suffers Cyber Attacks:
 
« Facebook Fights Fake News - Badly
Britain's New Regime For Online Platforms »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Zertificon Solutions

Zertificon Solutions

Zertificon is a leader in professional email encryption and data security.

MinerEye

MinerEye

MinerEye safeguards confidential and personal data for the world’s leading enterprises, including leading banks and technology vendors.

Falanx Group

Falanx Group

Falanx Group protect and defend businesses against global cyber security threats.

Ability

Ability

Ability specializes in the interception of cellular and satellite communication networks. Use is restricted to authorized government agencies only.

Watchdata Technologies

Watchdata Technologies

Watchdata Technologies is a pioneer in digital authentication and transaction security.

SpectX

SpectX

SpectX is software for parsing and analysing raw logs and any other unstructured data for applications such as Infosec incident investigation and forensics.

Intuity

Intuity

The Intuity suite of services provides companies with a complete awareness of their security status and helps them in an efficient, efficient and sustainable improvement process.

Portuguese Institute for Accreditation (IPAC)

Portuguese Institute for Accreditation (IPAC)

IPAC is the national accreditation body for Portugal. The directory of members provides details of organisations offering certification services for ISO 27001.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Zeusmark

Zeusmark

Zeusmark are a digital brand security company. We enable companies to successfully defend their brands, revenue and consumers online.

Private Machines

Private Machines

Private Machines develops unique patent-pending technology protects cloud and data center workloads.

National Center for Infrastructure Protection and Cybersecurity (CNPIC) - Spain

National Center for Infrastructure Protection and Cybersecurity (CNPIC) - Spain

CNPIC is responsible for the promotion, coordination and supervision of all politics and activities related to the protection of critical infrastructures and cybersecurity in Spain.

GitProtect.io

GitProtect.io

​GitProtect is a fully manageable, professional GitHub and Bitbucket backup and recovery software that protects repositories and metadata from any event of failure.

Ascent Cyber

Ascent Cyber

Ascent Cyber provide simple and stress-free solutions to protect your business and its customers from the worries and costs of cybercrime.

Cornami

Cornami

Cornami delivers real-time computing on encrypted data sets, which is vital for data privacy and cloud security.

PCI Security Standards Council (PCI SSC)

PCI Security Standards Council (PCI SSC)

The PCI Security Standards Council is a global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments.