Latest in Tomorrow

Image credit: FrankyDeMeyer via Getty Images

Hackers are trying to disrupt the COVID-19 vaccine supply chain

They're targeting the vulnerable "cold chain" that keeps vaccines from spoiling.
Igor Bonifacic, @igorbonifacic
December 3, 2020
307 Shares
Share
Tweet
Share

Sponsored Links

Compartment of refrigerator with set of bottles with COVID-19 (SARS-CoV-2) Coronavirus vaccine vials and injection syringe. Copy space provided.

Note: QR code on bottles was generated by me and contains generic text: "SARS-CoV-2 Vaccine"
FrankyDeMeyer via Getty Images

Since the start of the coronavirus pandemic, we’ve seen hackers target efforts to develop a COVID-19 vaccine, but it now seems they’re shifting their attention to the supply chain that will distribute those vaccines to people across the world.  

IBM says it recently uncovered a highly coordinated global phishing campaign focused on the companies and organizations involved with the upcoming “cold chain” distribution of COVID-19 vaccines. That’s the part of the supply network that ensures those vaccines stay cold enough so that they don’t go bad. It’s a critically important aspect of the two leading vaccine candidates from Pfizer and Moderna, as they need to be kept at minus 94 degrees Fahrenheit and minus 4 degrees Fahrenheit, respectively. 

The hackers impersonated an executive with Haier Biomedical, a Chinese company that styles itself as “the world’s only complete cold chain provider.” They sent meticulously researched phishing emails that included an HTML attachment asking the recipient to input their credentials. They could have used that information later to gain access to sensitive networks.

The campaign, which IBM says has “the potential hallmarks” of a state-sponsored effort, cast a wide net. The company only named one target explicitly — the European Commission’s Directorate-General for Taxation and Customs Union — but said the campaign targeted at least 10 different organizations, including a dev shop that makes websites for pharmaceutical and biotech companies. The company doesn’t know if any of the attacks were ultimately successful in their goal. 

Clearly, this is an evolution of the coronavirus-related cyberattacks we’ve already seen. In June, the UK’s GCHQ security and intelligence agency said hackers had been repeatedly trying to access sensitive data related to the country’s coronavirus response, including work it had done on a COVID-19 vaccine. The fact hackers are now targeting the cold chain is worrisome. Transporting and storing the vaccines that will help put an end to the pandemic is already tricky enough as it is without interference.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
307 Shares
Share
Tweet
Share

Popular on Engadget

Put Bernie Sanders almost anywhere with this Google Street View app

Put Bernie Sanders almost anywhere with this Google Street View app

View
Instacart lays off 1,900 workers, including the 10 who formed a union

Instacart lays off 1,900 workers, including the 10 who formed a union

View
'Call of Duty: Warzone' is about to get a big esports push

'Call of Duty: Warzone' is about to get a big esports push

View
Elon Musk announces $100 million prize for new carbon capture tech

Elon Musk announces $100 million prize for new carbon capture tech

View
Raspberry Pi Pico is a $4 Arduino alternative

Raspberry Pi Pico is a $4 Arduino alternative

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr