Skip to main content

Hackers are targeting the COVID-19 vaccine supply chain, IBM finds

Hackers are targeting the COVID-19 vaccine supply chain, IBM finds


Analysts aren’t sure who’s behind the operation

Share this story

Amelia Krales

A global phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccines since September 2020, IBM security researchers say.

In a blog post, analysts Claire Zaboeva and Melissa Frydrych of IBM X-Force IRIS announced that the phishing campaign spans six regions: Germany, Italy, South Korea, Czech Republic, greater Europe, and Taiwan.

The campaign appears to be focused on the “cold chain,” the segment of the vaccine supply chain that keeps doses cold during their storage and transportation. Some vaccines need to stay at extremely low temperatures in order to remain potent. Pfizer, for example, recommends that their COVID-19 vaccine be stored at negative 70 degrees Celsius (colder than winter in Antarctica). That poses a logistical challenge for the pharmaceutical company, which will need to transport millions upon millions of doses around the world at that temperature.

The attacks focused on groups associated with Gavi, an international organization that promotes vaccine access and distribution. Specifically, it targeted organizations related to their Cold Chain Equipment Optimization Platform (CCEOP), which aims to distribute and improve technology that can keep vaccines at very cold temperatures. These included the European Commission’s Directorate-General for Taxation and Customs Union, as well as “organizations within the energy, manufacturing, website creation and software and internet security solutions sectors.”

Per the blog post, the people behind the phishing operation sent emails to the organizations’ executives claiming to be an executive from CCEOP supplier Haier Biomedical. The emails, which purported to request quotations related to CCEOP, contained HTML attachments which asked for the opener’s credentials, which the actor could store and use to gain unauthorized access down the line.

“We assess that the purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution,” reads the blog post.

It’s not yet clear who’s behind this campaign, but the researchers suspect a nation-state actor rather than a private individual or group. “Without a clear path to a cash-out, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets,” the blog post reads. “Advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target.”

IBM recommends that companies involved in COVID-19 vaccine storage and transport “be vigilant and remain on high alert during this time.” The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert encouraging the organizations to review IBM’s report.

COVID-19 vaccine research and development has been a target of multiple cyberattacks this year. The US government accused China of funding and operating hacking cells to steal vaccine research from the US and its allies in May, and charged two Chinese hackers with stealing data from firms working on COVID-19 treatments and vaccines in July. US, UK, and Canadian authorities denounced attacks from a group associated with Russian intelligence services on organizations involved in vaccine development this summer. In November, Microsoft detected cyberattacks from nation-state actors in Russia and North Korea on companies with COVID-19 vaccines in various stages of clinical trials.

Multiple companies have submitted COVID-19 vaccines for review to the Food and Drug Administration, including Pfizer / BioNTech and Moderna. The FDA’s vaccine advisory community will review the applications in mid-December; if the vaccines are authorized, distribution will begin shortly after. Moderna expects to have up to 20 million doses of its vaccine by the end of 2020, while Pfizer could provide up to 25 million.

Today’s Storystream

Feed refreshed Two hours ago Striking out

Andrew WebsterTwo hours ago
Looking for something to do this weekend?

Why not hang out on the couch playing video games and watching TV. It’s a good time for it, with intriguing recent releases like Return to Monkey Island, Session: Skate Sim, and the Star Wars spinoff Andor. Or you could check out some of the new anime on Netflix, including Thermae Romae Novae (pictured below), which is my personal favorite time-traveling story about bathing.

A screenshot from the Netflix anime Thermae Romae Novae.
Thermae Romae Novae.
Image: Netflix
Jay PetersSep 23
Twitch’s creators SVP is leaving the company.

Constance Knight, Twitch’s senior vice president of global creators, is leaving for a new opportunity, according to Bloomberg’s Cecilia D’Anastasio. Knight shared her departure with staff on the same day Twitch announced impending cuts to how much its biggest streamers will earn from subscriptions.

Tom WarrenSep 23
Has the Windows 11 2022 Update made your gaming PC stutter?

Nvidia GPU owners have been complaining of stuttering and poor frame rates with the latest Windows 11 update, but thankfully there’s a fix. Nvidia has identified an issue with its GeForce Experience overlay and the Windows 11 2022 Update (22H2). A fix is available in beta from Nvidia’s website.

External Link
If you’re using crash detection on the iPhone 14, invest in a really good phone mount.

Motorcycle owner Douglas Sonders has a cautionary tale in Jalopnik today about the iPhone 14’s new crash detection feature. He was riding his LiveWire One motorcycle down the West Side Highway at about 60 mph when he hit a bump, causing his iPhone 14 Pro Max to fly off its handlebar mount. Soon after, his girlfriend and parents received text messages that he had been in a horrible accident, causing several hours of panic. The phone even called the police, all because it fell off the handlebars. All thanks to crash detection.

Riding a motorcycle is very dangerous, and the last thing anyone needs is to think their loved one was in a horrible crash when they weren’t. This is obviously an edge case, but it makes me wonder what other sort of false positives we see as more phones adopt this technology.

External Link
Ford is running out of its own Blue Oval badges.

Running out of semiconductors is one thing, but running out of your own iconic nameplates is just downright brutal. The Wall Street Journal reports badge and nameplate shortages are impacting the automaker's popular F-series pickup lineup, delaying deliveries and causing general chaos.

Some executives are even proposing a 3D printing workaround, but they didn’t feel like the substitutes would clear the bar. All in all, it's been a dreadful summer of supply chain setbacks for Ford, leading the company to reorganize its org chart to bring some sort of relief.

Spain’s Transports Urbans de Sabadell has La Bussí.

Once again, the US has fallen behind in transportation — call it the Bussí gap. A hole in our infrastructure, if you will.

External Link
Jay PetersSep 23
Doing more with less (extravagant holiday parties).

Sundar Pichai addressed employees’ questions about Google’s spending changes at an all-hands this week, according to CNBC.

“Maybe you were planning on hiring six more people but maybe you are going to have to do with four and how are you going to make that happen?” Pichai sent a memo to workers in July about a hiring slowdown.

In the all-hands, Google’s head of finance also asked staff to try not to go “over the top” for holiday parties.

External Link
Insiders made the most money off of Helium’s “People’s Network.”

Remember Helium, which was touted by The New York Times in an article entitled “Maybe There’s a Use for Crypto After All?” Not only was the company misleading people about who used it — Salesforce and Lime weren’t using it, despite what Helium said on its site — Helium disproportionately enriched insiders, Forbes reports.

James VincentSep 23
Nvidia’s latest AI model generates endless 3D models.

Need to fill your video game, VR world, or project render with 3D chaff? Nvidia’s latest AI model could help. Trained on 2D images, it can churn out customizable 3D objects ready to import and tweak.

The model seems rudimentary (the renders aren’t amazing quality and seem limited in their variety), but generative AI models like this are only going to improve, speeding up work for all sorts of creative types.