COVID-19 jab hack targeted 40-plus companies, says IBM

A hacking attack targeting the COVID-19 vaccine supply chain uncovered last year was much more widespread than originally though, affecting 44 companies in 14 countries around the world.

First uncovered by IBM Security's X-Force unit, the attack was levelled against a wide range of supply chain actors, including transport, warehousing, storage and distribution organisations.

Most of the attacks were carried out via 'spear-phishing' – in which emails that appear to be from a trusted account are sent in order to uncover confidential information, according to cybersecurity blog

The campaign started in September 2020, as expectation began to build about the publication of pivotal data on the lead vaccine COVID-19 candidates, but "remains a deliberated and calculated threat," according to IBM.

The attack was directed mainly at participants in the Cold Chain Equipment Optimization Platform (CCEOP) run by international vaccines organisation Gavi. The cold chain is particularly important for COVID-19 vaccines as some of the candidates need to be stored at very low temperatures, in the -20 to -70 C range.

The hackers impersonated a business executive from Haier Biomedical, a credible and legitimate member company of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP programme.

After the initial report, X-Force identified an email from what appears to be a related campaign addressed to a German pharmaceutical and bioscience company involved in vaccine production.

Some of the emails included malicious attachments that asked for requests for quotes for solar-powered and ice-lined vaccine refrigerators.

So what were the hackers after? Hard to say, but possibly insights into national procurement plans for vaccines, timetables for shipments, intellectual property, cargo security measures and World Trade Organization (WTO) trade facilitation agreements, amongst other possibilities.

Last December, Interpol warned that criminals were  prepare for falsification, theft and illegal advertising of COVID-19 as well as flu vaccines to cash in on the pandemic. There have also been reports that organised criminal networks are trying to steal vaccine shipments in transit.

"While clear attribution remains presently unavailable, the rise of 'vaccine nationalism' and increased global competition surrounding access to vaccines suggests the higher likelihood of a nation-state operation," said IBM.

"The COVID-19 pandemic has created an unprecedented race between rival nations on an unequal economic plane," it added.

"It is almost inevitable to see this type of adversarial activity in a threat landscape that is already extremely active on the nation-state attack front."

Related articles:

     Want our news sent directly to your inbox?

Yes please 2


Home  |  About us  |  Contact us  |  Advertise  |  Links  |  Partners  |  Privacy Policy  |   |  RSS feed   |  back to top