The vaccine's cold supply chain was attacked
The ‘cold supply chain’ that sees vaccines transported at sub-zero temperatures has been targeted by a group of hackers likely backed by a nation state, IBM has warned.
The tech giant said it had uncovered “a global phishing campaign” targeting the supply chain for vaccines such as the one developed by US company Pfizer and Germany’s BioNTech.
The hackers appeared to be trying to disrupt or steal intelligence about the processes that would keep vaccines cold while on their way to hospitals or a doctor’s office.
The attempt spanned six countries linked to the Cold Chain Equipment Optimisation Platform (CCEOP) of Gavi, the international vaccine alliance which helps distribute jabs to some of the world’s poorest countries.
"Given the specialisation and global distribution of organisations targeted in this campaign, it’s highly likely that the adversary is intimately aware of critical components and participants of the cold chain," IBM said.
An email phishing campaign targeted the European Commission and organisations in energy, manufacturing, software and security across Germany, Italy, South Korea, Czech Republic and Taiwan.
Claire Zaboeva, an analyst at IBM, said the campaign saw hackers impersonating an executive at Haier Biomedical, a member of the Covid vaccine supply group. Other spoofed emails came from UNICEF and other UN agencies.
Ms Zaboeva said: "Disguised as this employee, the adversary sent phishing emails to organisations believed to be providers of material support to meet transportation needs within the COVID-19 cold chain. We assess that the purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorised access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution."
The researchers said it was unclear if the campaign had successfully hacked any targets.
It comes as the UK prepares to begin distributing Pfizer’s vaccine as soon as Monday, with the Army stood up and NHS staff expected to be first in line to receive the jab.
The US Cybersecurity and Infrastructure Security Agency said it urged members of vaccine group Operation Warp Speed to read and take action on the IBM report. IBM said the vaccine supply chain was a "high-value and high-priority nation-state target".
Свежие комментарии