Hackers target groups in COVID vaccine distribution, says IBM
Targets included the European Commission's Directorate-General of Taxation and Customs Union and companies that make solar panels for powering portable vaccine refrigerators.
New Delhi: IBM security researchers say they have detected a cyberespionage effort using targeted phishing emails to try to collect vital information on the WHO's initiative for distributing Covid-19 vaccine to developing nations. The researchers said they could not be sure who was behind the campaign, which began in September, or if it was successful. But the precision targeting and careful efforts to leave no tracks bore "the potential hallmarks of nation-state tradecraft", they said in a blog post on Thursday.
The campaign's targets, in countries including Germany, Italy, South Korea and Taiwan, are likely associated with the development of the "cold chain" needed to ensure coronavirus vaccines get the nonstop sterile refrigeration they need to be effective for the nearly 3 billion people who live where temperature-controlled storage is insufficient, IBM said. "Think of it as the bloodline that will be supplying the most vital vaccines globally," said Claire Zaboeva, an IBM analyst involved in the detection.
Whoever is behind the operation could be motivated by a desire to learn how the vaccines are best able to be shipped and stored — the entire refrigeration process — in order to copy it, said Nick Rossmann, the IBM team's global threat intelligence lead. Or they might want to be able to undermine a vaccine's legitimacy or launch a disruptive or destructive attack, he added.
In the ploy, executives with groups likely associated with the initiative known as Covax — created by the Gavi Vaccine Alliance, the WHO and other UN agencies — were sent spoofed emails appearing to come from an executive of Haier Biomedical, a Chinese firm considered the world's main cold-chain supplier, the analyst said. The phishing emails had malicious attachments that prompted recipients to enter credentials that could have been used to harvest sensitive information about partners vital to the vaccine-delivery platform. Targets included the European Commission's Directorate-General for Taxation and Customs Union and companies that make solar panels for powering portable vaccine refrigerators. Other targets were petrochemical companies, likely because they produce dry ice, which is used in the cold chain, Zaboeva said.
Last month, Microsoft said it had detected mostly unsuccessful attempts by state-backed Russian and North Korean hackers to steal data from leading pharma companies and vaccine researchers. It gave no information on how many succeeded or how serious those breaches were. Chinese state-backed hackers have also targeted vaccine makers, the US said in announcing criminal charges in July.
Read also: COVID vaccine maker AstraZeneca targeted by suspected North Korean hackers
Our comments section is governed by our Comments Policy . By posting comments at Medical Dialogues you automatically agree with our Comments Policy , Terms And Conditions and Privacy Policy .
Disclaimer: This website is primarily for healthcare professionals. The content here does not replace medical advice and should not be used as medical, diagnostic, endorsement, treatment, or prescription advice. Medical science evolves rapidly, and we strive to keep our information current. If you find any discrepancies, please contact us at corrections@medicaldialogues.in. Read our Correction Policy here. Nothing here should be used as a substitute for medical advice, diagnosis, or treatment. We do not endorse any healthcare advice that contradicts a physician's guidance. Use of this site is subject to our Terms of Use, Privacy Policy, and Advertisement Policy. For more details, read our Full Disclaimer here.
NOTE: Join us in combating medical misinformation. If you encounter a questionable health, medical, or medical education claim, email us at factcheck@medicaldialogues.in for evaluation.