Hackers target COVID-19 vaccine cold chain, IBM finds

A group of hackers has sent phishing emails to various people involved in COVID-19 vaccine cold chain distribution to gain insight, IBM has revealed.

IBM and US officials have stated that hackers have targeted companies involved with the cold chain distribution of COVID-19 vaccines. 

At the start of the COVID-19 pandemic, IBM Security X-Force created a task force dedicated to tracking down cyber threats against organisations involved in the vaccine supply chain. Now, the task force has said it discovered a “global phishing campaign” across six different countries. The US Cybersecurity and Infrastructure Security Agency has also reposted the report from IBM, warning members of Operation Warp Speed to be vigilant.

IBM Security X-Force announced it detected an advanced group of hackers working from around September 2020. According to the organisation, the group were working to gather information about different aspects of the cold chain, using emails sent in the name of an executive at Haier Biomedical, a Chinese cold chain provider that specialises in vaccine transport and biological sample storage. Spear-phishing emails were sent to executives in sales, procurement, IT and finance positions, likely involved in company efforts to support a vaccine cold chain. IBM suggests that the purpose of the emails was to harvest credentials to gain future unauthorised access and gain insight into internal communications, as well as the process, methods and plans to distribute a COVID-19 vaccine.

The targets included the European Commission’s (EC) Directorate-General for Taxation and Customs Union, as well as organisations within the energy, manufacturing, website creation and software and internet security solutions sectors. 

IBM has not identified the parties behind the hacking, and messages sent to the email addresses used by the hackers were not returned. However, in its report, IBM said: “While attribution is currently unknown, the precision targeting and nature of the specific targeted organisations potentially point to nation-state activity.”

IBM also says that it is as yet unclear whether the phishing campaign was successful.