Hackers “assumed to be state agents” have been waging a phishing campaign against pharmaceutical firms and other institutions involved in the forthcoming distribution of a vaccine against the novel coronavirus, IBM announced on Thursday.
In a post on Security Intelligence releasing their findings, IBM Security X-Force researchers wrote that “precision targeting of executives and key global organizations hold the potential hallmarks of a nation-state tradecraft,” adding the unknown hackers likely sought to obtain “advanced insight into the purchase and movement of a vaccine that can impact life and the global economy.” The target, according to IBM, appears to be the “cold chain”—a term for the logistics network that allows vaccines and other drugs to be carried from point of manufacture to distribution in temperature-controlled shipping containers. What the attackers hoped to accomplish is unknown, with possible motives ranging from theft of technology to intel that could be used to undermine trust in the vaccine or disrupt distribution.
IBM researchers wrote that the individuals targeted firms in at least six countries and used tactics such as impersonating a Haier Biomedical executive to send spear-phishing emails and targeting the help and support pages of organizations. Many of the targets were linked to international vaccine alliance Gavi’s cold chain program and included European Union bodies key to vaccine distribution, UNICEF, companies that manufacture solar panels used in cold storage, and IT firms that protect pharmaceutical firms. Read more >>