IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

IBM: Hackers are targeting COVID-19 vaccine 'cold chain'

A phishing campaign targeted organisations that held sensitive information relating to COVID-19 vaccine distribution

A global phishing campaign is targeting organisations working to ensure the temperature-controlled storage and transportation of the COVID-19 vaccine, otherwise known as the cold chain.

The phishing campaign, which was uncovered by IBM security researchers, was reported to have begun in September 2020. Spanning across six countries, it targeted organisations associated with Gavi, The Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) programme.

Cyber criminals were found to have sent phishing emails under the name of a business executive from Haier Biomedical, a credible and legitimate member company of the COVID-19 vaccine supply chain as well as a qualified supplier for the CCEOP programme.

In a likely attempt to harvest credentials and potentially gain access to corporate networks and sensitive information, the hackers addressed the emails to organisations believed to hold sensitive information relating to COVID-19 vaccine distribution.

According to IBM Security X-Force, targets included organisations within the energy, manufacturing, website creation, and internet security industries across Germany, Italy, South Korea, Czech Republic and Taiwan, as well as the European Commission’s Directorate-General for Taxation and Customs Union.

In a blog post explaining the findings, IBM’s senior strategic cyber threat analyst Claire Zaboeva said that the “spear-phishing emails were sent to select executives in sales, procurement, information technology and finance positions, likely involved in company efforts to support a vaccine cold chain”. 

“We also identified instances where this activity extended organisation-wide to include help and support pages of targeted organisations,” she added.

However, the identity of the cyber criminals remains unknown. IBM Security X-Force believes that “the precision targeting and nature of the specific targeted organisations” could signify that the hackers were potentially state-sponsored.

Last month, Microsoft warned that pharmaceutical companies researching treatments and vaccines for COVID-19 are being actively targeted by prominent nation state-backed hackers from Russia and North Korea.

The attempts to disrupt vaccine trials and distribution are only a small portion of an overall threat escalation that many organisations and businesses have sustained during 2020, with over a quarter of all security incidents in the last year being related to COVID-19. 

Following the discovery, IBM Security X-Force had followed responsible disclosure protocols as well as notified the appropriate entities and authorities about the phishing campaign.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

18 May 2022
The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022