IBM has detected a hacking campaign targeted at organizations involved in the manufacturing, transportation, and storage of COVID-19 vaccines. The malicious operation took place last year and is believed to have affected more than 40 companies in 14 countries.
IBM Warns Against “Gold Chain” Attack on COVID Vaccine Supply Lines
IBM’s X-Force team of cybersecurity experts warned that the attack against the “gold chain” – a temperature-controlled supply chain – indicates a high risk of intellectual property theft and potential disruption of long-distance distribution of temperature-sensitive vaccines.
The company reported their discoveries in December, warning of attackers masquerading as representatives of Qingdao Haier Biomedical Co., one of the world’s largest makers and suppliers of cold temperature storage and transportation equipment for heat-sensitive materials.
However, new evidence suggests that the target list was longer than initially estimated, involving phishing emails from September that contained malicious attachments.
According to the research, the messages purported to contain requests for quotes for a solar-powered vaccine refrigerator and other equipment specific to the industry.
“While our previous reporting featured direct targeting of supranational organizations, the energy and IT sectors across six nations, we believe this expansion to be consistent with the established attack pattern, and the campaign remains a deliberate and calculated threat,” the research team wrote.