The hackers posed as an executive at Haier Biomedical, a Chinese company that touts itself as “the world’s only full cold chain supplier.” They sent out meticulously researched phishing emails that included an HTML attachment asking the recipient to enter their credentials. They could have used this information later to gain access to sensitive networks.
The campaign, which IBM says has “the potential characteristics” of a state-sponsored effort, has cast a wide net. The company explicitly named only one target – the European Commission’s Directorate-General for Taxation and Customs Union – but said the campaign targeted at least 10 different organizations, including a development store that creates websites for pharmaceutical and biotechnology companies. The company is uncertain whether any of the attacks ultimately succeeded in achieving their goal.
Obviously, this is an evolution of the coronavirus-related cyberattacks we’ve seen before. In June, UK security and intelligence agency GCHQ said hackers had repeatedly attempted to access sensitive data linked to the country’s response to the coronavirus, including work it had done on a COVID-19 vaccine. The fact that hackers are now targeting the cold chain is worrying. Transporting and storing the vaccines that will help end the pandemic are tricky enough because they are interference-free.