Hackers attack against covid-19 vaccines
The COVID-19 vaccines have awaken hackers, multiplying attacks to disrupt delivery or impound trade secrets, which requires laboratories and actors in the supply chain to be more attentive.
In a document published Thursday, the IBM IT group reported a series of cyberattacks targeting the vaccine supply chain, requiring doses to be stored and transported at very low temperatures.
Our team recently discovered a global 'phishing' campaign targeting organizations associated with the COVID-19 cold chain, IBM X-Force analysts Claire Zaboeva and Melissa Frydrych wrote in a cybersecurity blog.
The vaccine developed by Pfizer and its German partner BioNTech, which received the green light for commercialization in the United Kingdom on Wednesday, cannot be exposed to temperatures above -70 ° C to guarantee its effectiveness.
The General Directorate of Control and Customs, a service belonging to the European Commission, was one of the targets of the attack, as well as energy and computer companies from Germany, Italy, the Czech Republic, South Korea and Taiwan, according to IBM.
To catch their victims, the cybercriminals mainly used the method of "phishing", which consists of impersonating someone known to obtain confidential and sensitive data.
The hackers sent fraudulent emails on behalf of an alleged leader of the Chinese company Haier Biomedical, which is effectively part of the vaccine logistics chain and collaborates with the World Health Organization, Unicef and other UN agencies.
In the messages they incited to supply passwords or identification data.
They also tried to attack pharmaceutical companies that develop vaccines such as the American Johnson & Johnson and Novavax, the British AstraZeneca and South Korean laboratories, according to the Wall Street Journal.
Spanish laboratories were attacked by Chinese cybercriminals, El País newspaper reported in September.
In November, the cold storage giant Americold reported an attack on its computer systems to the body in charge of controlling the United States Stock Exchange, without specifying whether that action was related to the group's role in the storage of vaccines.
IBM said it cannot determine who is behind these attacks, but assures that their nature and sophistication suggest a state actor.
For Mark Kedgleyc, from cybersecurity software provider New Net Technologies, the intellectual property tied to powerful pharmaceuticals is of immense value to cybercriminals.
In the case of vaccines against covid-19, it has to do with piracy at the level of nation-states, he estimated.
The Russian antivirus manufacturer Kaspersky reminds in this regard that identity theft techniques or email addresses hosted in a .ru domain, can be used to try to divert suspicions about the identity and, in particular, the nationality of the attackers.
Financial motivations cannot be ruled out either, given the high profits left by the commercialization of vaccines.
State and non-state actors try to use any situation to gain advantage, whether political or financial. It would have been inconceivable that covid-related efforts were not a target, said "Brett Callow of Emsisoft, a company specializing in cybersecurity.
The US agency in charge of cybersecurity, CISA, believed that IBM's report should be taken seriously.
CISA encourages all organizations involved in the storage and transport of vaccines to reinforce their protections, mainly for cold storage operations, and to remain vigilant of any activity in this sector, CISA researcher, Josh Corman said in a statement sent to AFP.
Laboratories are also on alert.
Most large pharmaceutical groups have the resources to detect and protect themselves from malicious code, Marene Allison, Johnson & Johnson's security manager, said Thursday.
Unfortunately, this is not the case for everyone in the healthcare industry, he added.
Our team recently discovered a global 'phishing' campaign targeting organizations associated with the COVID-19 cold chain, IBM X-Force analysts Claire Zaboeva and Melissa Frydrych wrote in a cybersecurity blog.
The vaccine developed by Pfizer and its German partner BioNTech, which received the green light for commercialization in the United Kingdom on Wednesday, cannot be exposed to temperatures above -70 ° C to guarantee its effectiveness.
The General Directorate of Control and Customs, a service belonging to the European Commission, was one of the targets of the attack, as well as energy and computer companies from Germany, Italy, the Czech Republic, South Korea and Taiwan, according to IBM.
To catch their victims, the cybercriminals mainly used the method of "phishing", which consists of impersonating someone known to obtain confidential and sensitive data.
The hackers sent fraudulent emails on behalf of an alleged leader of the Chinese company Haier Biomedical, which is effectively part of the vaccine logistics chain and collaborates with the World Health Organization, Unicef and other UN agencies.
In the messages they incited to supply passwords or identification data.
They also tried to attack pharmaceutical companies that develop vaccines such as the American Johnson & Johnson and Novavax, the British AstraZeneca and South Korean laboratories, according to the Wall Street Journal.
Spanish laboratories were attacked by Chinese cybercriminals, El País newspaper reported in September.
In November, the cold storage giant Americold reported an attack on its computer systems to the body in charge of controlling the United States Stock Exchange, without specifying whether that action was related to the group's role in the storage of vaccines.
IBM said it cannot determine who is behind these attacks, but assures that their nature and sophistication suggest a state actor.
For Mark Kedgleyc, from cybersecurity software provider New Net Technologies, the intellectual property tied to powerful pharmaceuticals is of immense value to cybercriminals.
In the case of vaccines against covid-19, it has to do with piracy at the level of nation-states, he estimated.
The Russian antivirus manufacturer Kaspersky reminds in this regard that identity theft techniques or email addresses hosted in a .ru domain, can be used to try to divert suspicions about the identity and, in particular, the nationality of the attackers.
Financial motivations cannot be ruled out either, given the high profits left by the commercialization of vaccines.
State and non-state actors try to use any situation to gain advantage, whether political or financial. It would have been inconceivable that covid-related efforts were not a target, said "Brett Callow of Emsisoft, a company specializing in cybersecurity.
The US agency in charge of cybersecurity, CISA, believed that IBM's report should be taken seriously.
CISA encourages all organizations involved in the storage and transport of vaccines to reinforce their protections, mainly for cold storage operations, and to remain vigilant of any activity in this sector, CISA researcher, Josh Corman said in a statement sent to AFP.
Laboratories are also on alert.
Most large pharmaceutical groups have the resources to detect and protect themselves from malicious code, Marene Allison, Johnson & Johnson's security manager, said Thursday.
Unfortunately, this is not the case for everyone in the healthcare industry, he added.
