“Nation State” Hackers Try to Disrupt Coronavirus Vaccine Distribution


Adding to all of the uncertainty and hardship that the world has had to deal with since the outbreak of the coronavirus pandemic, it now appears that a malicious nation state is attempting to hack the supply chain of coronavirus vaccines as they are distributed around the globe.

According to IBM, the attempts have come in the form of cyber-espionage, as the group of hackers tries to disrupt or destroy the vital “cold chain” needed by the vaccine. Both the Pfizer vaccine, now approved by the UK, and the Moderna vaccine employ RNA technology and therefore must be kept at ultra cold temperatures – with the former needing to be stored at around -70 degrees Celsius.

IBM states that the methods used by the malicious groups indicate that it is dealing with a nation state.

Several attempts to hack the ongoing research into coronavirus vaccines were unearthed by Western intelligence sources this past year, including in the UK and the United States.

In July, the UK disclosed that Russian intelligence had targeted its own coronavirus vaccine research, including the trials at Oxford, with its vaccine produced in tandem with AstraZeneca.

US authorities also stated at that time that they were aware of Chinese hacking attempts. Recently, Microsoft also stated that it had observed both North Korean and Russian hackers targeting coronavirus vaccine research. At that point, the malicious activities had more to do with intelligence gathering than with disruption of any research.

New hacking campaign started in September of 2020

This new hacking campaign is a separate one, however. It began in September of 2020, when it became apparent that a great deal of dry ice would be needed for the most likely vaccine candidates and that special storage and transportation methods would be needed in order to get the vaccine out to the public.

IBM officials state that phishing emails have been sent out to targets in six countries, including organizations linked to the Cold Chain Equipment Optimization Platform (CCEOP) of Gavi, the international vaccine alliance.

Gavi’s collaborators include the World Health Organization, UNICEF, the World Bank and the Bill & Melinda Gates Foundation, which will help in the distribution of vaccines around the world, including some of the poorest regions of the globe.

IBM stated that the Pfizer/BioNTech vaccine was not itself a target of the campaign but theirs is one of the vaccines that must employ such a delivery method.

Phishing campaign impersonates Chinese executives

IBM charges that the phishing emails impersonated a business executive from a legitimate Chinese company involved in the CCEOP’s supply chain, which made them more believable, so that the targets would be more likely to act on them.

The emails, which contained malicious code and asked for people’s login credentials, were sent to many companies and organizations involved in the transportation of the coronavirus vaccines.

Any such successful attempt would have meant that the infrastructure governments are employing to distribute the vaccine would be compromised.

“High value nation-state target”

IBM officials stated that “Advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target.”

This precise targeting included firms involved in container transport, biotechnology and the manufacturers of electrical components for communications.

Other targets included the European Commission’s Directorate General Taxation and Customs Union, a South Korean software-development company, and a German website-development company which supports clients associated with pharmaceutical manufacturers.

The heinous campaign even targeted companies involved in manufacturing solar panels, which can be used to keep vaccines cold in places where reliable power is not available, such as the underdeveloped world.

IBM charges that the fiendish campaign was uncovered by a security team that it had set up at the very beginning of the pandemic in order to track down cyberthreats related to Covid-19.

“The precision targeting and nature of the specific targeted organizations potentially point to nation-state activity,” officials from the company stated.

“Without a clear path to a (pay)out,” they added, “cyber-criminals are unlikely to devote the time and resources required to execute such a calculated operation.”

IBM has now notified all those who were targeted as well as all pertinent law-enforcement authorities.

The US had already put all organizations involved in the storage and transport of a vaccine on alert against such insidious campaigns, with its “Cybersecurity and Infrastructure Security Agency” (CISA) warning all individuals and firms involved with the vaccine and its transport to be aware of these threats at all times.