Australia markets closed
  • ALL ORDS

    6,986.80
    +4.10 (+0.06%)
     
  • ASX 200

    6,715.40
    +0.10 (+0.00%)
     
  • AUD/USD

    0.7708
    -0.0071 (-0.91%)
     
  • OIL

    52.04
    -1.53 (-2.86%)
     
  • GOLD

    1,827.70
    -23.70 (-1.28%)
     
  • BTC-AUD

    48,665.98
    +1,791.63 (+3.82%)
     
  • CMC Crypto 200

    701.93
    -33.21 (-4.52%)
     
  • AUD/EUR

    0.6378
    -0.0019 (-0.29%)
     
  • AUD/NZD

    1.0798
    +0.0028 (+0.26%)
     
  • NZX 50

    13,024.69
    -91.18 (-0.70%)
     
  • NASDAQ

    12,803.93
    -94.76 (-0.73%)
     
  • FTSE

    6,735.71
    -66.25 (-0.97%)
     
  • Dow Jones

    30,814.26
    -177.26 (-0.57%)
     
  • DAX

    13,787.73
    -200.97 (-1.44%)
     
  • Hang Seng

    28,573.86
    +77.00 (+0.27%)
     
  • NIKKEI 225

    28,519.18
    -179.08 (-0.62%)
     

Hackers targeting Covid-19 vaccine supply chain, IBM warns

·2-min read
Dry ice will be used to help transport the Covid-19 vaccine, but hackers are targeting the supply chain involved, IBM has warned

Hackers are targeting the coronavirus vaccine supply chain, IBM warned Thursday, saying it had uncovered a series of cyber attacks against companies involved in the effort to distribute doses around the world.

It was "unclear" if the attacks were successful, IBM said, adding that they were potentially carried out by state actors.

"Our team recently uncovered a global phishing campaign targeting organizations associated with a COVID-19 cold chain," Claire Zaboeva and Melissa Frydrych, analysts for IBM X-Force, a cyber security working group, wrote in a blog post.

The European Commission's Directorate-General for Taxation and Customs Union was one target, as were energy and IT companies based in Germany, Italy, the Czech Republic, South Korea and Taiwan.

The hackers impersonated an executive from Haier Biomedical, a Chinese-owned cold chain supply company working with the World Health Organization and the United Nations, IBM said.

"Disguised as this employee, the adversary sent phishing emails to organizations believed to be providers of material support to meet transportation needs within the COVID-19 cold chain," Zaboeva and Frydrych wrote.

The purpose "may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution."

Some of the vaccines being developed against Covid-19 must be stored at temperatures well below that of a normal fridge. Distribution, therefore, requires specialized logistics companies such as Haier Biomedical.

IBM said it could not identify those behind the attacks -- but that the precision of the operation signals "the potential hallmarks of nation-state tradecraft."

"Without a clear path to a cash-out, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets," Zaboeva and Frydrych wrote.

The US federal cyber security agency, CISA, said the IBM report should be taken seriously by organizations involved in the vaccine supply chain.

"CISA encourages all organizations involved in vaccine storage and transport to harden attack surfaces, particularly in cold storage operation, and remain vigilant against all activity in this space," Josh Corman, a CISA strategist, told AFP.

dho/lo/st/bgs