Hackers Target Coronavirus Vaccine Supply Chain

The international Coronavirus vaccine supply chain has been targeted by cyber-espionage, according to researchers at IBM. Unknown hackers have been trying to compromise accounts and computer systems of employees in various organisations involved in the COVID-19 vaccine supply chain.
 
The hackers have been trying to break into the supply chain that will help COVID-19 vaccines get delivered at the required deep-freeze temperature. While it’s obvious that their spear-phishing emails are aimed at harvesting login credentials, their final goal is likely to get their hands on as much information as possible, according to IBM Security X-Force.
 
It’s unclear whether their attempts have yet been successful. IBM says it tracked a campaign aimed at the delivery "cold chain" used to keep vaccines at the right temperature during transportation. The attackers' identity is unclear - but IBM said the sophistication of their methods indicated a nation state. It follows warnings from governments - including the UK's - of countries targeting aspects of vaccine research.
 
Phishing Emails
 
IBM says it believes the campaign started in September when phishing emails were first sent out across six countries, which targeted organisations linked to the Cold Chain Equipment Optimisation Platform (CCEOP) of Gavi, the international vaccine alliance. Gavi's partners include the World Health Organisation, Unicef, the World Bank and the Bill & Melinda Gates Foundation. They help distribute vaccines around the world to some of the poorest regions and this sometimes requires a "cold chain". 
 
Malicious Code
 
The Pfizer-BioNTech vaccine - which was not the specific target of this campaign - needs to be kept at a temperature of about -70C as it is moved about. The attackers impersonated a business executive from a legitimate Chinese company involved in CCEOP's supply cold chain to make it more likely the targets would engage with the email. They then sent phishing emails to organisations that provided transportation, which contained malicious code and asked for people's login credentials.
 
That could have allowed them to understand the infrastructure that governments intended to use to distribute vaccines. "Advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target," IBM says.
 
According to IBM, the wider targeting included:
 
  • The European Commission's Directorate General Taxation and Customs Union.
  • Companies involved in manufacturing solar panels, which can be used to keep vaccines cold in places where reliable power is not available.
  • A South Korean software-development company.
  • A German website-development company, which supports clients associated with pharmaceutical manufacturers, container transport, biotechnology and manufacturers of electrical components for communications.

The hacking campaign was uncovered by an IBM Security team set up at the start of the pandemic to track down Covid-19 cyber threats. "The precision targeting and nature of the specific targeted organisations potentially point to nation-state activity.... Without a clear path to a payout, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation," IBM said.
 
Intelligence Gathering
 
IBM says it has notified those targeted as well as law-enforcement authorities. In July, the UK warned Russian intelligence had targeted UK vaccine research, including the British AstraZeneca project in Oxford. The US authorities have warned of Chinese hacking, while Microsoft has said it had seen North Korean and Russian hackers targeting vaccine research. US officials suggested the activity so far had been about intelligence gathering rather than disruption of any research.
 
IBM: US-CERT: CISA: Business Insider: Help Net Security: BBC
 