Posted on December 4, 2020 at 4:45 PM
After targeting COVID-19 vaccine manufacturers, hackers are now turning their attention to the vaccine supply chain, according to IBM security researchers. Based on the report, the global phishing campaign has been targeting the organizations in charge of COVID-19 vaccine distribution since September.
In a blog post, the information technology firm said it discovered the phishing campaign against the organizations needed to keep the vaccines at extremely cold temperatures as they travel from the manufacturers to people’s arms.
As a result, the US government’s national vaccine mission, Operation Warp Speed, has been warned to beef up security on its data and be wary of phishing emails from hackers.
Pfizer and BioNTech developed a secured cold chain, which is necessary to keep the vaccines stored at -94 degrees Fahrenheit or below to avoid spoiling.
Hackers are probably a state-sponsored group
The group targeting these organizations sent phishing emails to executives, claiming to be from executives of CCEOP supplier Haier Biomedical.
In the emails, the hackers requested quotations related to the CCEOP. The emails also included HTML attachments that asked the target to enter account details. Once a target falls for the phishing email and enters those details, the hackers can store the information and use it to gain access in the future.
The blog post explained that the main goal of the COVID-19 phishing campaign is to steal credentials in order to gain unauthorized access to sensitive information and corporate networks in the future.
Although no one is sure which hacking group is launching the attack, security researchers suspect state-backed actors, based on the nature of what the hackers are looking for.
The world received good news from pharmaceutical companies, who announced recently that they have developed COVID-19 vaccines that are very potent against the disease. There are so many globally distributed and interlinked targets that state-backed actors can explore to gain some levels of access into the COVID-19 vaccine.
Hackers are focusing on 6 regions
Analysts Melissa Frydrych and Claire Zaboeva of IBM, in a blog post, announced that the phishing campaign covers 6 regions, which include Taiwan, greater Europe, Czech Republic, South Korea, Italy, and Germany.
The campaign appears to center on the “cold chain”, which is the section of the vaccine supply chain that stores the vaccine doses before and during transportation.
According to the blog post, the attacks target groups linked with an international organization promoting the access and distribution of the COVID-19 vaccine.
The hacking group also targets organizations that improve and distribute the technologies that can keep the vaccines at very cold temperatures. These include organizations in the internet security solutions, software, website creation, manufacturing, and energy sectors.
They also targeted the European Commission’s Directorate-General for Taxation and Customs Union, according to the blog post.
It’s a typical example of what nation-state hackers are capable of doing, as they are looking for advanced insight into the movement of vaccines that have a high impact on the global economy.
Organizations have been advised to remain vigilant
There’s no doubt that COVID-19 vaccines are among the top needs for the world, so demand for them can boost the economy of nations whose manufacturers have been able to develop one.
So, state-sponsored hackers are still out to get their hands on the vaccine and its distribution methods.
IBM has recommended that companies involved in the storage and distribution of COVID-19 vaccines remain very vigilant during this period. There is also an alert from the Cybersecurity and Infrastructure Security Agency (CISA) to that effect. According to the agency, related organizations should review IBM’s security report and learn how they can best protect their systems and servers from phishing attacks.
This year, after pharmaceutical companies and health researchers started developing a vaccine for COVID-19, hackers have intensified efforts to break into the servers of these companies and steal sensitive material and details.
In May, the U.S. government accused China of sponsoring hacking groups to steal vaccine research from the U.S.
In July, U.S. authorities arrested two Chinese hackers in connection with the theft of sensitive data from companies working on COVID-19 vaccine research and development.
Russian intelligence has also been accused of similar hacking activities, and U.S. authorities have advised companies to beef up their security as well.