Hackers target Covid-19 vaccine distribution ‘cold chain’: IBM

A special freezer made by Binder, seen here in Tuttlingen, Germany in November 2020.

Photo: Thomas Kienzle (Getty Images)

Hackers who are “allegedly state agents” have carried out a phishing campaign against pharmaceutical companies and other institutions involved in the upcoming distribution of a new coronavirus vaccine, IBM said Thursday.

In an article on Security Intelligence publishing their findings, IBM Security X-Force researchers wrote that “the precise targeting of key global leaders and organizations has the potential characteristics of a national business art”, adding that the unknown hackers were likely seeking “information ... Progress on the purchase and movement of a vaccine that can affect life and the global economy.” The target, according to IBM, appears to be the “cold chain,” a term for the logistics network that enables the transport of vaccines and other drugs from the point of manufacture to distribution in temperature-controlled shipping containers. What the attackers hoped to accomplish is unknown, with possible motives ranging from theft of technology to gathering information that could be used to undermine confidence in the vaccine or disrupt distribution.

IBM researchers wrote that the individuals were targeting companies in at least six countries and using tactics such as impersonating a Haier Biomedical executive to send spear-phishing emails and going after the organizations' help and support web pages. Many of the targets were related to the Gavi International Vaccine Alliance cold chain program and included key European Union agencies for vaccine distribution, UNICEF, companies that manufacture solar panels used in cold stores, and IT companies that protect pharmaceutical companies:

Targets included the European Commission’s Directorate-General for Taxation and Customs Union, as well as organizations from the energy, manufacturing, website building, and Internet security software and solutions sectors. They are global organizations based in Germany, Italy, South Korea, Czech Republic, Europe and Taiwan.

The spear-phishing emails included malicious HTML files that prompted recipients to enter their login information, which was then passed on to the attackers. Pfizer and Moderna, the two pharmaceutical companies that make vaccines slated for deployment in the United States soon, do not appear to be targets, according to the New York Times. No other US company is known to be targeted.

The most likely explanation is a nation state because there is no clear “cash out” for cybercriminals, IBM researchers added in the statement, apart from the possibility that knowledge of vaccine shipping routes and safe storage requirements could be sold as a “hot black market product”. Hackers may also be interested in using stolen credentials to launch ransomware attacks on computer-controlled shipping containers. According to the Washington Post, it is not known whether the hackers were successful in any of their phishing attempts.

“This activity took place in September, which means that someone is looking to move forward, looking to be where they need to be at the critical moment,” Claire Zaboeva, Senior Cyber Threat Analyst at IBM Security X-Force, told Wired. “… The door is really open. Once you’ve got the Keys to the Kingdom, and you’re inside the city walls or on the web, there are a myriad of goals you can accomplish, whether it’s critical information such as schedules and distribution, or disruptive attacks.”

According to the Times, federal officials said the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) will respond to IBM’s alert by informing agencies involved in Operation Warp Speed, the US effort to develop and distribute a vaccine. CISA coronavirus strategist Josh Corman told the Times there is a need to increase “cybersecurity diligence at every step of the vaccine supply chain” and for institutions “involved in storage and transport of vaccines to cure vaccines attack surfaces, especially in cold storage operations.”