A cyber espionage campaign targeted at companies vital to the distribution of COVID-19 vaccines has been detected.
According to an alert issued by the US government and a research blog published by IBM, the hacking campaign started in September.
It targeted a range of organisations, including in government and across the energy and IT sectors, that are associated with the COVID-19 ‘cold supply’ chain.
The cold chain is an essential part of distributing vaccines manufactured by Pfizer/BioNTech, approved in the UK on Tuesday, as the vaccine needs to be stored at -70C (-94F) to avoid spoiling before being administered.
Although it is not clear whether the sophisticated phishing emails were successful, IBM warned that the campaign bore “the potential hallmarks of nation-state tradecraft” rather than an attack by cyber criminals.
“Without a clear path to a cash-out, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets,” added IBM.
This week Interpol issued an alert warning that organised criminal gangs could attempt to steal COVID-19 vaccines or create their own fake versions to profit from the pandemic.
It follows an announcement in July from Britain, the US and Canada that Russian cyber spies were trying to steal research into coronavirus vaccines and treatment.
IBM said emails were sent to 10 organisations, including the European Commission’s Directorate-General for Taxation and Customs Union, which handles tax and customs issues across the EU.
Claire Zaboeva, an IBM analyst involved in the detection, told Associated Press that the EU agency – which is revising import and export regimes for vaccines – “would be a gold mine” for hackers seeking to access other organisations.
IBM warned that if the hackers were successful, the attacks could lead to the “stealing and selling [of] vaccine shipping containers in black markets across the globe”.
The hackers have sent emails impersonating a business executive from the Chinese company Haier Biomedical, which is “a credible and legitimate member company of the COVID-19 vaccine supply chain” according to IBM.
The intention of the campaign was to harvest credentials, “possibly to gain future unauthorised access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution”.
Among the companies targeted were those involved in manufacturing solar panels, which can be used in countries without a reliable power supply to ensure vaccine refrigerators are on, as well as petrochemical companies which produce dry ice.