Cyber ​​attack: Coronavirus vaccine supply chain under attack, IBM reveals

by bold-lichterman

IT group IBM revealed on Thursday that a series of cyber attacks had targeted the coronavirus vaccine supply chain, which requires doses to be stored and transported at very low temperatures. “Our team recently discovered a global phishing campaign targeting organizations associated with the cold chain linked to Covid-19”, wrote in a blog post Claire Zaboeva and Melissa Frydrych, analysts for IBM X-Force, a working group dedicated to cybersecurity.

The Directorate-General for Taxation and Customs, a service of the European Commission, was one of the targets of these attacks. Energy and IT companies based in Germany, Italy, the Czech Republic, South Korea and Taiwan have also been targeted, according to IBM. The vaccine developed by Pfizer and the German company BioNTech, which received the green light for marketing in the United Kingdom on Wednesday, must not be exposed to temperatures above -70 ° C to ensure its effectiveness.

To trap their victims, the hackers would have used the method of spear phishing, or “spear phishing”, which consists of posing as a legitimate actor in order to recover confidential and sensitive data. In this case, fraudulent emails were allegedly sent by an alleged executive of the Chinese company Haier Biomedical, which is effectively part of the vaccine supply chain and collaborates with the World Health Organization, Unicef ​​and other UN agencies. In the posts, the so-called executive was saying “Want to place an order with your company” and attached malware asking recipients to provide personal information, IBM says.

A state actor?

The American group specifies that it is not in a position to say who is at the origin of these attacks, but assures that their nature and their sophistication are reminiscent of the methods of a state actor. ” Without a clear path to loot, it’s unlikely that cybercriminals will devote their time and resources to carrying out such a premeditated operation with so many targets interconnected and spread across the globe ”, write Ms Zaboeva and Ms Frydrych. IBM says it does not know whether the hacking attempts were successful. The US federal cybersecurity agency CISA said IBM’s report should be taken seriously by organizations involved in the vaccine supply chain.

The CISA encourages all organizations involved in the storage and transport of vaccines to strengthen their protections, in particular for cold storage operations, and to remain vigilant against any activity in this sector ”, reacted in a statement sent to AFP Josh Corman, researcher for the CISA.