In order to spy on entities essential to the global distribution of COVID-19 vaccines, anonymous nation-state hackers have been masquerading as one of the world’s largest cold-chain providers in a global email phishing scam.
According to Bloomberg, X-Force, a digital security unit at International Business Machines (IBM) Corp., has discovered an email operation in which hackers claimed to represent China-based Qingdao Haier Biomedical Co, one of the world’s largest cold-chain suppliers, which makes equipment to store and deliver materials at cold temperatures.
In at least one of the spam emails, the fake Haier representative sought to buy about 500 vaccine refrigerators. The sender, who claimed to serve as Haier’s project manager in Africa, promised a $220,000 upfront payment, according to an email provided by the IBM security researchers to Bloomberg.
Attached to the email is a draft contract titled “RFQ - UNICEF CCEOP and Vaccine Project”, a malicious file that, if opened, would prompt the recipient to share their secret login credentials with the attacker.
IBM’s security team, which has been researching COVID-related cyberattacks since the early days of the pandemic, believes the campaign was launched by a nation-state, but declined to speculate on which one.
"It’s unclear if any victims fell for the scam. But if they did, the harvested credentials could help an attacker 'gain insight into internal communications, as well as the process, methods and plans to distribute a COVID-19 vaccine,'" Bloomberg quoted an IBM Security statement as saying.
In a similar attack in November, the Atlanta-based cold chain company Americold Realty Trust said it was the target of a cyberattack. Though the firm said it had managed to overcome the attack, it hadn’t "completed its investigation".
"As we shift toward distributing a vaccine for COVID-19, the logistics of this operation will become extremely critical. Seemingly mundane security issues could have major repercussions to such a complex and important effort," said John Hultquist, a senior director at the cyber security firm FireEye Inc.
In the meantime, pharma firms like Pfizer, Moderna, AstraZeneca, Sputnik and others are preparing for the global distribution of their COVID-19 vaccines. Maintaining temperature controls once a vaccine leaves the airplane remains a challenge, and hackers are eyeing this opportunity.
"This was a well-prepared, precise, sophisticated campaign. We can’t ignore the fact that there are actors who will benefit from disrupting distribution of the vaccine. If an actor could disrupt consumer trust in the vaccine, that could play a pivotal role in changing perceptions of world power," the business news website quoted Nick Rossmann, global lead for threat intelligence at IBM Security X-Force, as saying.