Hackers targeting COVID-19 vaccine supply chain, IBM warns | Inquirer News

Hackers targeting COVID-19 vaccine supply chain, IBM warns

/ 01:05 PM December 04, 2020

FILE PHOTO: A woman holds a small bottle labeled with a “Vaccine COVID-19” sticker and a medical syringe in this illustration taken April 10, 2020. REUTERS/Dado Ruvic

NEW YORK, United States  – With multiple vaccines close to becoming available in a world gripped by the coronavirus pandemic, manufacturers have become the target of hackers trying to steal trade secrets or disrupt supply chains.

IBM warned Thursday that it had uncovered a series of cyber attacks, potentially carried out by state actors, against companies involved in the effort to distribute vaccine doses, which must be kept cold.


IBM said the European Commission’s Directorate-General for Taxation and Customs Union was one target of the attacks, as well as European and Asian companies involved in the supply chain, whose names have not been disclosed.

“Our team recently uncovered a global phishing campaign targeting organizations associated with a COVID-19 cold chain,” Claire Zaboeva and Melissa Frydrych, analysts for IBM X-Force, a cyber security working group, wrote in a blog post.


The purpose “may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution.”

It was unclear if the attacks were successful, IBM said, and while it could not identify those behind the attacks, the precision of the operation signals “the potential hallmarks of nation-state tradecraft.”

The vaccine developed by Pfizer and German company BioNTech, which on Wednesday got the green light from Britain to distribute its vaccine, must be stored below -70 degrees Celsius to ensure its effectiveness.

That means it will require specialized logistics companies such as Haier Biomedical, a Chinese-owned cold chain supply company working with the World Health Organization and the United Nations.

Hackers impersonated an executive from Haier Biomedical, and “disguised as this employee, the adversary sent phishing emails to organizations believed to be providers of material support to meet transportation needs within the COVID-19 cold chain,” Zaboeva and Frydrych wrote.

Moderna also has developed a vaccine that must be stored at -20 degrees Celsius, while AstraZeneca’s version can be stored in a normal freezer.

– Wave of attacks –


Cybercriminals also have tried to attack several pharmaceutical companies developing vaccines including Johnson & Johnson, Novavax, AstraZeneca and South Korean laboratories, according to the Wall Street Journal.

Spanish laboratories also reportedly have been attacked by Chinese cybercriminals, the El Pais newspaper reported in September.

Cold storage giant Americold last month reported a hack into its computer systems to the US stock market regulator, without specifying whether the attack was related to the group’s role in vaccine storage.

“The intellectual property relating to mass market pharmaceuticals has tremendous value and so is a significant prize for a cybercriminal,” said Mark Kedgley, chief technology officer at New Net Technologies (NNT), a Naples, Florida-based provider of cybersecurity and compliance software.

And COVID-19 vaccines draw “Nation State level hacking.”

The countries experts most often linked to cyber attacks are Russia, China and North Korea, although there is no formal proof of their involvement in the recent incidents.

But cybersecurity firm Kapersky notes the use of “false flags” including Russian-linked email addresses, in a possible move to deflect blame for the attacks.

There also could be financial motives behind the attacks.

Brett Callow, threat analyst at Emisoft, said the attacks are not surprising.

“States or non state actors will try to use any situation that they can to obtain an advantage, whether it’s a political or a financial advantage,” he told AFP. “It’s pretty much inconceivable that anything COVID-related wouldn’t come under attack.”

The US federal cyber security agency, CISA, said the IBM report should be taken seriously by organizations involved in the vaccine supply chain.

“CISA encourages all organizations involved in vaccine storage and transport to harden attack surfaces, particularly in cold storage operation, and remain vigilant against all activity in this space,” Josh Corman, a CISA strategist, told AFP.

The labs, too, will be on alert.

“Much of the large pharma companies have the skills and cybersecurity organizations to be able to detect this malicious type code and to protect against it,” Marrene Allison, chief information security officer for Johnson & Johnson, said Thursday during a conference hosted by the Aspen Institute.

But, she said, “unfortunately, not everyone has that in the health care industry.”


For more news about the novel coronavirus click here.
What you need to know about Coronavirus.
For more information on COVID-19, call the DOH Hotline: (02) 86517800 local 1149/1150.

The Inquirer Foundation supports our healthcare frontliners and is still accepting cash donations to be deposited at Banco de Oro (BDO) current account #007960018860 or donate through PayMaya using this link .

Read Next
Don't miss out on the latest news and information.

Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.

TAGS: Coronavirus, hackers, vaccine
For feedback, complaints, or inquiries, contact us.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2021 INQUIRER.net | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.