Cyberattacks target COVID-19 vaccine distribution effort
IBM says phishing campaign focused on organizations associated with 'cold chain' supply process
IBM is sounding the alarm over hackers targeting companies critical to the distribution of COVID-19 vaccines, a sign that digital spies are turning their attention to the complex logistical work involved in inoculating the world's population against the novel coronavirus.
The information technology company said in a blog post published on Thursday that it had uncovered "a global phishing campaign" focused on organizations associated with the COVID-19 vaccine "cold chain" — the process needed to keep vaccine doses at extremely cold temperatures as they travel from manufacturers to people's arms.
The U.S. Cybersecurity and Infrastructure Security Agency reposted the report, warning members of Operation Warp Speed — the U.S. government's national vaccine mission — to be on the lookout.
Understanding how to build a secure cold chain is fundamental to distributing vaccines developed by the likes of Pfizer Inc. and BioNTech SE because the shots need to be stored at –70 C or below to avoid spoiling.
'An exceptional amount of effort'
IBM's cybersecurity unit said it had detected an advanced group of hackers working to gather information about different aspects of the cold chain, using meticulously crafted booby-trapped emails sent in the name of an executive with Haier Biomedical, a Chinese cold chain provider that specializes in vaccine transport and biological sample storage.
COVID-19 vaccine supply chains targeted, IBM X-Force & @CISAgov warn. Impersonating a biomedical firm, cyber actors are sending phishing and spearphishing emails to organizations involved in vaccine storage & transport to harvest account credentials. https://t.co/96ILam4o1n —@NCSCgov
The hackers went through "an exceptional amount of effort," said IBM analyst Claire Zaboeva, who helped draft the report. Hackers researched the correct make, model and pricing of various Haier refrigeration units, Zaboeva said.
"Whoever put together this campaign was intimately aware of whatever products were involved in the supply chain to deliver a vaccine for a global pandemic," she said.
Haier Medical did not return messages seeking comment.
Messages sent to the email addresses used by the hackers were not returned.
IBM said the bogus Haier emails were sent to around 10 different organizations but only identified one target by name: the European Commission's Directorate-General for Taxation and Customs Union, which handles tax and customs issues across the EU and has helped set rules on the import of vaccines.
Representatives for the directorate-general could not immediately be reached for comment.
IBM said other targets included companies involved in the manufacture of solar panels, which are used to power vaccine refrigerators in warm countries, and petrochemical products that could be used to derive dry ice.
Canada a target of previous hacking attempts
Who is behind the vaccine supply chain espionage campaign isn't clear.
Reuters has previously documented how hackers linked to Iran, Vietnam, North Korea, South Korea, China, and Russia have on separate occasions been accused by cybersecurity experts or government officials of trying to steal information about the virus and its potential treatments.
IBM's Zaboeva said there was no shortage of potential suspects. Figuring out how to swiftly distribute an economy-saving vaccine "should be topping the lists of nation states across the world," she said.
Last month, Microsoft said it had detected mostly unsuccessful attempts by state-backed Russian and North Korean hackers to steal data from leading pharmaceutical companies and vaccine researchers. It gave no information on how many succeeded or how serious those breaches were. Chinese state-backed hackers have also targeted vaccine makers, the U.S. government said in announcing criminal charges in July.
Microsoft said most of the targets — located in Canada, France, India, South Korea and the United States — were researching vaccines and COVID-19 treatments. It did not name the targets.
On Wednesday, Britain became the first country to authorize a rigorously tested COVID-19 vaccine, the one developed by American drugmaker Pfizer and Germany's BioNTech.
Other countries aren't far behind: Regulators in Canada, the U.S. and the European Union also are vetting the Pfizer vaccine along with a shot made by Moderna Inc. British and Canadian regulators are also considering a vaccine made by AstraZeneca and Oxford University.
With files from The Associated Press