IBM stated that a cyber-espionage effort to target the World Health Organization (WHO) initiative for the distribution of the vaccine was detected. IBM also stated that a “nation state was involved” and that attempts were tracked since September.
Hackers Are Attacking The ‘Cold Chain’ Of The Vaccine Supply
IBM’s Security X-Force had established a task force focused on cybersecurity threats concerning COVID. The task force registered attempts earlier, and are now specifically focused on the vaccine supply chain. The purpose is to keep the supply chain smooth and moving. The ‘cold chain’ consists of components in the vaccine supply distribution that are there to ensure the stability and safety of the vaccine. Temperature control makes sure that the vaccine is preserved and safe in storage. The IBM Security X-force stated that this is a highly-targeted operation that is targeted against UNICEF’s and the Gavi Alliance’s initiative to push the vaccine to undeveloped areas.
Hacking Techniques Used by The Hackers
According to IBM experts, the attackers used a specialized phishing campaign. The campaign was found to be active across six countries and targeted organizations affiliated with Gavi and the Cold Chain Equipment Optimization Platform, CCEOP. The hackers faked their identities, impersonating an executive from a Chinese company that is involved in CCEOP’s cold chain system. The objective was to interact with the individuals targeted in the phishing campaign via email. Attacks on the healthcare industry and specifically the Covid-19 vaccine effort were already observed earlier in November. According to intelligence reports, key global organizations and key executives were targeted giving all of this a sense of nation-state espionage and hacking. Phishing emails were sent out to organizations such as the World Bank and the Bill & Melinda Gates Foundation as the hacks progressed. The hackers sent out malicious code and asked for login credentials.
US Cybersecurity and Infrastructure Security Agency Issues Alert
CISA (the US’s Cybersecurity and Infrastructure Security Agency) released an alert that is informing all organizations that are engaged in the transport and storage of the COVID vaccine to pay attention to the attacks and information from the IBM report. Earlier in July, it was reported that Russian intelligence was snooping around UK vaccine research. Other attacks were carried out on various global organizations working on the vaccine since this summer. The FBI and CISA had warned of possible threats to medical research on the coronavirus. The US government stated that the motivation for this cybercrime was blackmail. It is known that China has large investments in US biotechnology, which includes access to DNA data and research. The US has since strengthened its measures to protect healthcare data from unauthorized access.
