Please try another search
By Raphael Satter
WASHINGTON (Reuters) - IBM (NYSE:IBM) and U.S. officials are sounding the alarm over hackers targeting companies critical to the distribution of COVID-19 vaccines.
IBM said on Thursday that the campaign was a sign that digital spies are turning their attention to the complex logistical work involved in inoculating the world's population against the novel coronavirus, although some outside experts questioned whether that was the hackers' focus.
In a blog post https://securityintelligence.com/posts/ibm-uncovers-global-phishing-covid-19-vaccine-cold-chain published on Thursday, IBM said it had uncovered "a global phishing campaign" focused on organizations associated with the COVID-19 vaccine "cold chain" - the process needed to keep vaccine doses at extremely cold temperatures as they travel from manufacturers to people's arms.
The U.S. Cybersecurity and Infrastructure Security Agency reposted the report, warning https://us-cert.cisa.gov/ncas/current-activity/2020/12/03/ibm-releases-report-cyber-actors-targeting-covid-19-vaccine-supply members of Operation Warp Speed - the U.S. government's national vaccine mission - to be on the lookout.
Other cybsecurity experts expressed some skepticism, however, of IBM's findings.
Joe Slowik, a researcher at online threat intelligence firm DomainTools, said he believed IBM had stumbled upon "a subset of activity" that was part of a much wider campaign "which may not be focused on vaccines or similar activity."
While "definitely malicious," Slowik said he was not convinced it was specifically focused on vaccine distribution.
Who is behind the espionage is not clear. Messages sent to the email addresses used by the hackers were not returned.
Understanding how to build a secure cold chain is fundamental to distributing vaccines developed by the likes of Pfizer Inc (NYSE:PFE) and BioNTech
IBM's cybersecurity unit said it had detected an advanced group of hackers working to gather information about different aspects of the cold chain, using meticulously crafted booby-trapped emails sent in the name of an executive with Haier Biomedical, a Chinese cold chain provider that specializes in vaccine transport and biological sample storage.
Haier Medical did not return messages seeking comment.
Targets included companies involved in the manufacture of solar panels, which are used to power vaccine refrigerators in warm countries, and petrochemical products that could be used to derive dry ice.
The hackers went through "an exceptional amount of effort," said IBM analyst Claire Zaboeva, who helped draft the report. Hackers researched the correct make, model, and pricing of various Haier refrigeration units, Zaboeva said.
"Whoever put together this campaign was intimately aware of whatever products were involved in the supply chain to deliver a vaccine for a global pandemic," she said.
The only organization identified by name in IBM's report - the European Commission's Directorate-General for Taxation and Customs Union - said in a statement that it was aware that it had been targeted in the hacking campaign.
"We have taken the necessary steps to mitigate the attack and are closely following and analysing the situation," the statement said.
Reuters has previously documented how hackers linked to Iran, Vietnam, North Korea, South Korea, China, and Russia have on separate occasions been accused by cybersecurity experts or government officials of trying to steal information about the virus and its potential treatments. Cybercriminals have also been active against health care providers such as hospitals during the pandemic.
IBM's Zaboeva said there was no shortage of potential suspects. Figuring out how to swiftly distribute an economy-saving vaccine "should be topping the lists of nation states across the world," she said.
Are you sure you want to block %USER_NAME%?
By doing so, you and %USER_NAME% will not be able to see any of each other's Investing.com's posts.
%USER_NAME% was successfully added to your Block List
Since you’ve just unblocked this person, you must wait 48 hours before renewing the block.
I feel that this comment is:
Thank You!
Your report has been sent to our moderators for review
Add a Comment
We encourage you to use comments to engage with other users, share your perspective and ask questions of authors and each other. However, in order to maintain the high level of discourse we’ve all come to value and expect, please keep the following criteria in mind:
Enrich the conversation, don’t trash it.
Stay focused and on track. Only post material that’s relevant to the topic being discussed.
Be respectful. Even negative opinions can be framed positively and diplomatically. Avoid profanity, slander or personal attacks directed at an author or another user. Racism, sexism and other forms of discrimination will not be tolerated.
Perpetrators of spam or abuse will be deleted from the site and prohibited from future registration at Investing.com’s discretion.