IBM security researchers say they detected cyber espionage effort using targeted phishing emails in an attempt to collect vital information on World Health Organization initiative to distribute COVID-19 vaccine to developing countries.
Researchers said they couldn’t find out who was behind the campaign, which began in September, or whether it was successful. But the precision targeting and careful efforts to leave no trace bore “the potential characteristics of nation-state craft,” they said ina blog postThursday.
The goals of the campaign, in countries like Germany, Italy, South Korea and Taiwan, are probably associated with the development of the“The cold chain”needed to ensure that coronavirus vaccines get the continuous sterile refrigeration they need to be effective for the nearly 3 billion people who live where temperature-controlled storage is insufficient, IBM said.
“Think of it as the lineage that will provide the world’s most vital vaccines,” said Claire Zaboeva, an IBM analyst involved in the detection.
The United States Cybersecurity and Infrastructure Security Agency laterissued an opinionencourage Operation Warp Speed, the Trump administration’s vaccination program, and other organizations involved in the storage and transport of vaccines, to review IBM’s findings.
Whoever is behind the operation might be motivated by a desire to learn how vaccines can best be shipped and stored – the whole refrigeration process – in order to copy it, said Nick Rossmann, global threat intelligence manager. from the IBM team. Or they might want to be able to undermine the legitimacy of a vaccine or launch a disruptive or destructive attack, he added.
In the scheme, executives of groups likely to be associated with the initiative known as theCovax– created by the Gavi Vaccine Alliance, the World Health Organization and other United Nations agencies – received spoofed emails appearing to come from an executive at Haier Biomedical, a Chinese company believed to be the world’s largest chain supplier. cold, the analyst said.
The phishing emails presented themselves as requests for quotes and contained malicious attachments that tricked recipients into entering credentials that could have been used to collect sensitive information about partners vital to the distribution platform of vaccines.
Targets included the European Commission’s Directorate-General for Taxation and Customs Union and companies that make solar panels to power portable vaccine refrigerators. The other targets were petrochemical companies, possibly because they produce dry ice, which is used in the cold chain, Zaboeva said.
The EU agency has been busy revising new import and export regimes for coronavirus vaccines and is said to be a gold mine for hackers looking for stepping stones to partner organizations, he said. she declared.
Covax has struggled to raise enough money to compete for vaccine deals against the world’s wealthiest nations in the race to get doses as quickly as they can be produced. But the UN and Gavi have invested millions in cold chain equipment in Africa and Asia. The investment, underway long before the pandemic, has been accelerated to prepare for a possible global deployment of coronavirus vaccines.
Whoever was behind the phishing operation was likely seeking “advanced insight into the purchase and movement of a vaccine that may impact life and the global economy,” the blog said. Coronavirus vaccines will be one of the most sought-after commodities in the world as they are distributed, so theft can also be a danger.
In the United States, the FBI has worked with other federal agencies and the private sector to protect vaccine development and delivery, Tonya Ugoretz, the agency’s deputy deputy director for preparedness and online intelligence, said Thursday. , at the Aspen Online Cyber Summit.
The goal is to ward off not only cyberthreats, but also more traditional human-centered espionage by adversaries who might seek to steal intellectual property for financial gain, benefit another country, or “undermine confidence in the US efforts to provide an effective vaccine, ”she told me.
In the same panel, Marene Allison, Chief Information Security Officer (CISO) Johnson & johnson, said that while she was convinced that big pharmaceutical companies like hers developing coronavirus vaccines have strong defenses in place against hackers, some third parties involved in the process may not be.
Johnson & Johnson have been reported to have been targeted by North Korean hackers, but Allison said that didn’t mean the attempts were successful.
“All of the health care CISOs and I are seeing attempts to penetrate actors from nation states, not just North Korea, every minute of every day,” she said. .
Last month,Microsoft saidit had mostly detected unsuccessful attempts by state-backed Russian and North Korean hackers to steal data from leading pharmaceutical companies and vaccine researchers. He gave no information on the number of successes or the seriousness of these violations. Chinese state-backed hackers have also targeted vaccine makers, the US government said inannouncing criminal charges in July.
Microsoft said most of the targets – located in Canada, France, India, South Korea and the United States – are looking for COVID-19 vaccines and treatments. He did not name the targets.
Other countries are not far behind: Regulators not only in the United States but in the European Union and Canada are also reviewing the Pfizer vaccine as well as a vaccine manufactured by Moderna Inc. British and Canadian regulators are also considering a vaccine manufactured by AstraZeneca and Oxford University.
The logistical challenges of distributing vaccines around the world are enormous. Pfizer-BioNTech should be stored and shipped in ultra-cold temperatures of approximately minus 70 degrees Celsius (minus 94 degrees Fahrenheit).
Unlike Moderna and Pfizer COVID-19 vaccines, Johnson & Johnson requires refrigeration but does not need to be frozen.
More to read absolutely technological coverage of Fortune:
- China’s “Amazon of services” says he welcomes the stricter monitoring of Beijing
- Meet Rumble, YouTube’s rival popular with conservatives
- How is a company better known for playing games used AI to solve one of biology’s greatest mysteries
- What is the water resistance of the iPhone? Italian watchdog says Apple claims are exaggerated
- In a major scientific advance, AI predicts the exact shape of proteins