Hackers target groups in COVID-19 vaccine distribution, IBM says



[ad_1]

WASHINGTON: IBM and US officials are sounding the alarm about hackers targeting companies critical to the distribution of COVID-19 vaccines.

IBM said on Thursday (December 3) that the campaign was a sign that digital spies are turning their attention to the complex logistical work involved in vaccinating the world’s population against the novel coronavirus, though some outside experts questioned whether that was the point. hackers approach.

In a blog post published Thursday, IBM said it had uncovered “a global phishing campaign” targeting organizations associated with the COVID-19 vaccine “cold chain” – the process required to keep vaccine doses down. extremely cold temperatures while traveling from manufacturers. into the arms of the people.

The US Cybersecurity and Infrastructure Safety Agency republished the report, warning members of Operation Warp Speed, the US government’s national vaccination mission.

However, other cybersecurity experts expressed some skepticism about IBM’s findings.

Joe Slowik, a researcher at online threat intelligence firm DomainTools, said he believed IBM had stumbled upon “a subset of activity” that was part of a much larger campaign “that may not be focused on vaccines or similar activities.” .

Although “definitely malicious,” Slowik said he was not convinced it was specifically targeting vaccine distribution.

It is not clear who is behind the espionage. Messages sent to the email addresses used by the hackers were not returned.

Understanding how to build a safe cold chain is critical to distributing vaccines developed by companies like Pfizer and BioNTech because injections must be stored at minus 70 degrees Celsius or below to prevent spoilage.

IBM’s cybersecurity unit said it had spotted an advanced group of hackers working to gather information on different aspects of the cold chain, using meticulously crafted emails sent on behalf of an executive at Haier Biomedical, a Chinese provider of cold chain that specializes in the transport of vaccines and storage of biological samples.

Haier Medical did not reply to messages seeking comment.

The targets included companies involved in making solar panels, which are used to power vaccine refrigerators in hot countries, and petrochemicals that could be used to make dry ice.

The hackers made “an exceptional effort,” said IBM analyst Claire Zaboeva, who helped write the report. The hackers investigated the correct make, model and price of various Haier refrigeration units, Zaboeva said.

“Whoever organized this campaign was intimately aware of the products involved in the supply chain to deliver a vaccine for a global pandemic,” he said.

The only organization identified by name in the IBM report, the European Commission’s Directorate General for Taxes and Customs Union, said in a statement that it knew it had been the target of the hacking campaign.

“We have taken the necessary measures to mitigate the attack and we are closely monitoring and analyzing the situation,” the statement said.

Reuters has previously documented how hackers linked to Iran, Vietnam, North Korea, South Korea, China and Russia have been accused on separate occasions by cybersecurity experts or government officials of attempting to steal information about the virus and its potential treatments. Cybercriminals have also been active against healthcare providers, such as hospitals, during the pandemic.

IBM’s Zaboeva said there was no shortage of possible suspects. Finding out how to quickly distribute an economy-saving vaccine “should top the charts of nation states around the world,” he said.

CHECK THIS: Our comprehensive coverage of the coronavirus outbreak and its developments

Download our app or subscribe to our Telegram channel for the latest updates on the coronavirus outbreak: https://cna.asia/telegram

[ad_2]