According to IBM, hackers target the distribution of COVID-19 vaccines (Reuters)
By Raphael Satter
WASHINGTON (Reuters) – IBM and US officials are raising the alarm over hackers targeting companies critical to the distribution of COVID-19 vaccines.
IBM said Thursday that the campaign was a sign that digital spies are turning their attention to the complex logistical work involved in vaccinating the world’s population against the novel coronavirus, although some outside experts have questioned whether that is the hackers’ focus.
In a blog post published on Thursday (https://securityintelligence.com/posts/ibm-uncovers-global-phishing-covid-19-vaccine-cold-chain), IBM said it had uncovered “a global phishing campaign” focused on organizations associated with the COVID-19 vaccine “cold chain” – the process required to keep vaccine doses at extremely cold temperatures on their way from the manufacturer to people’s arms.
The U.S. Cybersecurity and Infrastructure Security Agency republished the report (https://us-cert.cisa.gov/ncas/current-activity/2020/12/03/ibm-releases-report-cyber-actors-targeting -covid-), warning members of Operation Warp Speed, the US government’s national vaccine mission, to be on the alert.
However, other cybersecurity experts have expressed skepticism about IBM’s findings.
Joe Slowik, a researcher with online threat intelligence company DomainTools, believed IBM had encountered “a subset of activities” that were part of a much broader campaign “that may not focus on vaccines or similar activities.”
While “definitely malevolent,” Slowik said he wasn’t convinced it was specifically targeted at vaccine distribution.
It is not clear who is behind the espionage. Messages sent to the email addresses used by the hackers were not returned.
Understanding how to build a safe cold chain is fundamental to the distribution of the vaccine developed by Pfizer Inc and BioNTech, as the shots must be stored at minus 70 degrees Celsius or below to avoid spoilage.
IBM’s cybersecurity division said it has discovered an advanced group of hackers working to gather information on various aspects of the cold chain. The group used carefully crafted booby-trapped emails sent in the name of a senior executive at Haier Biomedical, a Chinese cold chain provider specializing in vaccine delivery and biological sample storage.
Haier Biomedical has not responded to requests for comment.
Targets included companies involved in the manufacture of solar panels that power vaccine refrigerators in warm countries, as well as petrochemical products that can be used to make dry ice.
The hackers made “an extraordinary amount of effort,” said IBM analyst Claire Zaboeva, who helped prepare the report. According to Zaboeva, the hackers researched the right brand, model and pricing for various Haier refrigerators.
“Whoever put this campaign together knew exactly what products were in the supply chain to deliver a vaccine against a global pandemic,” she said.
The only organization named in the IBM report – the European Commission’s Taxation and Customs Union Directorate-General – said in a statement that it was aware that it was targeted in the hacking campaign.
“We have taken the necessary steps to mitigate the attack and are closely monitoring and analyzing the situation,” the statement said.
Reuters has previously documented how hackers associated with Iran, Vietnam, North Korea, South Korea, China and Russia have been accused on various occasions by cybersecurity experts or government officials of attempting to steal information about the virus and its possible treatments. Cyber criminals were also active against healthcare providers such as hospitals during the pandemic.
IBM’s Zaboeva said there was no shortage of potential suspects. Figuring out how to get an economical vaccine out quickly “should top the list of nation-states around the world,” she said.