Hackers Target Coronavirus Vaccine Supply Chain

The international Coronavirus vaccine supply chain has been targeted by cyber-espionage, according to reaearchers at IBM. Unknown hackers have been trying to compromise accounts and computer systems of employees in various organisations involved in the COVID-19 vaccine supply chain.
 
The hackers have been trying to break into the supply chain that will help COVID-19 vaccines get delivered at the required deep-freeze temperature. While it’s obvious that their spear-phishing emails are aimed at harvesting login credentials, their final goal is likely to get their hand on as much information as possible, according to IBM Security X-Force
 
It’s unclear whether their attempts have yet been successful. IBM says it tracked a campaign aimed at the delivery "cold chain" used to keep vaccines at the right temperature during transportation. The attackers' identity is unclear - but IBM said the sophistication of their methods indicated a nation state.It follows warnings from governments - including the UK's - of countries targeting aspects of vaccine research.
 
Phishing Emails
 
IBM says it believes the campaign started in September when phishing emails were first sent out across six countries, which targeted organisations linked to the Cold Chain Equipment Optimisation Platform (CCEOP) of Gavi, the international vaccine alliance. Gavi's partners include the World Health Organisation, Unicef, the World Bank and the Bill & Melinda Gates Foundation. They help distribute vaccines around the world to some of the poorest regions and this sometimes requires a "cold chain". 
 
Malicious Code
 
The Pfizer-BioNTech vaccine - which was not the specific target of this campaign - needs to be kept at a temperature of about -70C as it is moved about. The attackers impersonated a business executive from a legitimate Chinese company involved in CCEOP's supply cold chain to make it more likely the targets would engage with the email. They then sent phishing emails to organisations that provided transportation, which contained malicious code and asked for people's log in credentials. 
 
That could have allowed them to understand the infrastructure that governments intended to use to distribute vaccines.  "Advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target," IBM says.
 
According to IBM  the wider targeting included:  
 
  • The European Commission's Directorate General Taxation and Customs Union.
  • Companies involved in manufacturing solar panels, which can be used to keep vaccines cold in places where reliable power is not available.
  • A South Korean software-development company.
  • A German website-development company, which supports clients associated with pharmaceutical manufacturers, container transport, biotechnology and manufacturers of electrical components for communications
The hacking campaign was uncovered by an IBM Security team set up at the start of the pandemic to track down Covid-19 cyber threats. "The precision targeting and nature of the specific targeted organisations potentially point to nation-state activity.... Without a clear path to a payout, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation." IBM said.
 
Intelligence Gathering
 
IBM says it has notified those targeted as well as law-enforcement authorities.In July, the UK warned Russian intelligence had targeted UK vaccine research, including the British Astra Zeneca project in Oxford. The US authorities have warned of Chinese hacking, while Microsoft has said it had seen North Korean and Russian hackers targeting vaccine research. US officials suggested the activity so far had been about intelligence gathering rather than disruption of any research.
 
 IBM         US-CERT:    CISA:     Business Insider:       Help Net Security:     BBC
 
You Might Also Read: 
 
Covid Vaccine-Maker Suffers Cyber Attacks:
 
« Facebook Fights Fake News - Badly
Britain's New Regime For Online Platforms »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NCX Group

NCX Group

NCX Group is committed to helping customers identify and mitigate the risks inherent in today’s interconnected environments and business processes.

Shavlik Protect

Shavlik Protect

Shavlik Protect is an easy-to-use security software solution that discovers missing patches and deploys them to the entire organization.

Cyber Secure Forum

Cyber Secure Forum

The Cyber Secure Forum is a premier cybersecurity event dedicated to bringing together experts, and professionals to explore the latest trends, share knowledge, and discuss strategies.

Guardtime

Guardtime

Guardtime's Black Lantern platform provides real-time cybersecurity and data-centric asset protection.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

National Information Technology Development Agency (NITDA) - Nigeria

National Information Technology Development Agency (NITDA) - Nigeria

The National Information Technology Development Agency (NITDA) is committed to implementing the Nigerian National Information Technology Policy.

Matrix42

Matrix42

Matrix42 software for digital workspace experience manages devices, applications, processes and services simple, secure and compliant.

Aujus Cybersecurity

Aujus Cybersecurity

Aujas is a pure-play cyber security services company with deep expertise in Identity and Access Management, Managed Security and Security Testing services.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

Polaris Infosec

Polaris Infosec

Polaris Web Presence Protection (WPP) is powered by our proprietary artificial intelligence and machine learning engine to ensure that attacks are stopped before they affect your business.

Safe Systems

Safe Systems

Safe Systems provide compliance centric IT services for community banks and credit unions, ensuring that they are kept up to date on current technologies, security risks, and regulatory changes.

Jisc

Jisc

Jisc is a membership organisation working in partnership with the UK’s research and education communities to develop the digital technologies they need to teach, discover and thrive.

Quatrro Business Support Services (QBSS)

Quatrro Business Support Services (QBSS)

QBSS is a tech-enabled outsourcing firm that’s changing the way companies think about finance, accounting, human resources and technology services.

Sterling Information Technologies

Sterling Information Technologies

Sterling is an information security, operational risk consulting and advisory group. Our Advisory services help to safeguard information assets while supporting business operations.

Data Computer Services

Data Computer Services

Data Computer Services provides professional tailored IT Support and IT Services for businesses throughout Edinburgh and the Lothians.

SteelGate

SteelGate

SteelGate’s core capabilities are centered around architecture design and engineering of network, systems, and cybersecurity solutions.