Hackers Targeting COVID-19 Vaccine Manufacturers: IBM


Technology giant IBM has released a report stating that hackers are targeting COVID-19 vaccine manufacturers, attempting to disrupt vaccine research and distribution efforts with a range of information security threats.

The news comes after IBM created a special division of cyber security specialists, codenamed IBM Security X-Force, which has been instructed to monitor cyber security threats against organisations involved in vaccine research, development and distribution.

Reports are that the task force has discovered a sophisticated threat campaign against organisations involved in the distribution of vaccines, stating that the evidence they’ve seen “hold[s] the potential hallmarks of nation-state tradecraft.”  

IBM says that “our team recently uncovered a global phishing campaign targeting organisations associated with a COVID-19 cold chain. The cold chain is a component of the vaccine supply chain that ensures the safe preservation of vaccines in temperature-controlled environments during their storage and transportation.” 

“The adversary impersonated a business executive from Haier Biomedical, a credible and legitimate member company of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP program. The company is purportedly the world’s only complete cold chain provider,” the authors state.

IBM’s team says that “disguised as this employee, the adversary sent phishing emails to organisations believed to be providers of material support to meet transportation needs within the COVID-19 cold chain.” 

Researchers say that the targets of this potentially nation-state driven campaign against COVID-19 vaccine manufacturers were located all around the world, from Taiwan to Italy, South Korea, the Czech Republic and Germany.

Hackers also used “help and support pages of targeted organisations” to find another potential avenue into the system. Given the variety of tactics in use, the researchers said it was important to be wary of these hackers, who are targeting COVID-19 vaccine manufacturers with increasingly sophisticated cyber threat techniques.

They continued to explain that “we assess that the purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution.” 

As for who is most likely behind the hackers targeting COVID-19 vaccine manufacturers, the authors of the report state that “while attribution is currently unknown, the precision targeting and nature of the specific targeted organisations potentially point to nation-state activity.”

“Without a clear path to a cash-out, cyber criminals are unlikely to devote time and resources to execute such a calculated operation with so many interlinked and globally distributed targets. Likewise, insight into the transport of a vaccine may present a hot black-market commodity, however, advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target.”

The researchers in question have put together a number of security recommendations for organisations potentially linked to the cold chain and manufacturers of COVID-19 related equipment, which include: 

  • Create and test an incident response plan for the organisation
  • Share and ingest current threat intelligence to understand the risks and the most recent techniques deployed by hackers
  • Assess your third-party ecosystem and identify the risks involved with any third-party company your organisation might be linked to
  • Integrate a ‘zero-trust’ approach into your information security strategy
  • Deploy multi-factor authentication across the whole organisation
  • Conduct regular email security training
  • Utilise endpoint protection and response tools to detect threats in your organisation
