
IBM has cautioned the organizations involved in the COVID-19 vaccine global supply chain in a blog post made today. As it turns out, hackers have started to target the organizations that are critical to the whole process of getting the vaccine from the manufacturer to the general population.

The company said that it has uncovered a global phishing campaign targeting organizations associated with a COVID-19 cold chain. The cold chain is a critical part of the supply chain of the vaccines, as it involves preserving the vaccine by keeping it within controlled (extremely cold) temperatures during the storage and transport process.

The blog post is based on the IBM Security X-Force’s report. The X-Force is a task force set up by IBM, which is dedicated to tracking down COVID-19 cyber threats against organizations that are keeping the vaccine supply chain moving.

According to IBM’s analysis, the global phishing campaign started in September. The campaign has spanned six countries and has targeted organizations associated with Gavi, The Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) program.

IBM said that the hackers impersonated a business executive from Haier Biomedical, and sent out phishing emails to organizations that are involved in providing materials to meet the needs of the global vaccine supply chain.

Haier Biomedical is part of the COVID-19 supply chain, and the company proclaims itself as “the world’s only complete cold chain provider.” According to IBM, the hackers sent out phishing emails to the organizations possibly to steal credentials in order to gain access to sensitive information related to COVID-19 vaccine distribution.

IBM revealed only one target by name: the European Commission’s Directorate-General for Taxation and Customs Union, which has helped set up vaccine import rules in the past. The other targets are global organizations from the energy, manufacturing, website creation and software and internet security solutions sectors based in Germany, Italy, South Korea, Czech Republic, greater Europe and Taiwan.

The identity of the hackers who carried out these cyber attacks is unknown. However, the company pointed out that the nature and level of targets involved in these cyberattacks suggests “nation-state activity.” In other words, the hackers are likely to be state-backed.

“Cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets,” wrote IBM in the blog post.

The number of cyberattacks has surged during the pandemic, especially those that target health and research organizations. Microsoft shed light on such cyberattacks in November, and identified three hacker groups, two from North Korea and one from Russia. A recent report revealed that AstraZeneca, a pharmaceutical company involved in the production of a COVID-19 vaccine, was also targeted in a similar phishing attack.

The vaccines are required to be stored at -70 degrees Celsius (-94 F) or below to avoid spoiling. This makes the cold chain a very critical part of the supply chain, as it ensures that the vaccine is delivered to the masses in a usable condition.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reposted IBM’s report, issuing an alert. IBM also laid out some strategies and recommendations for defenders of the supply chain, and alerted those who are part of it in general.

“IBM Security X-Force urges companies in the COVID-19 supply chain — from research of therapies, healthcare delivery to distribution of a vaccine — to be vigilant and remain on high alert during this time.”