The company says it tracked a campaign aimed at the delivery “cold chain” used to keep vaccines at the right temperature during transportation.
The attackers’ identity is unclear – but IBM said the sophistication of their methods indicated a nation state.
It follows warnings from governments – including the UK’s – of countries targeting aspects of vaccine research.
Phishing emails
IBM says it believes the campaign started in September 2020.
It says phishing emails were sent out across six countries, which targeted organisations linked to the Cold Chain Equipment Optimisation Platform (CCEOP) of Gavi, the international vaccine alliance.
Gavi’s partners include the World Health Organization, Unicef, the World Bank and the Bill & Melinda Gates Foundation. They help distribute vaccines around the world to some of the poorest regions.
This sometimes requires a “cold chain”.
Malicious code
For example, the Pfizer-BioNTech vaccine – which was not the specific target of this campaign – will need to be kept at a temperature of about -70C as it is moved about.
The attackers impersonated a business executive from a legitimate Chinese company involved in CCEOP’s supply cold chain to make it more likely the targets would engage with the email.
They then sent phishing emails to organisations that provided transportation, which contained malicious code and asked for people’s log in credentials.
That could have allowed them to understand the infrastructure that governments intended to use to distribute vaccines.
“Advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target,” IBM says.
‘Precision targeting’
IBM says the wider targeting included:
- the European Commission’s Directorate General Taxation and Customs Union
- companies involved in manufacturing solar panels, which can be used to keep vaccines cold in places where reliable power is not available
- a South Korean software-development company
- a German website-development company, which supports clients associated with pharmaceutical manufacturers, container transport, biotechnology and manufacturers of electrical components for communications
IBM says the campaign was uncovered by a security team it set up at the start of the pandemic to track down Covid-19 cyber-threats.
“The precision targeting and nature of the specific targeted organisations potentially point to nation-state activity,” the US company said.
“Without a clear path to a [pay]out, cyber-criminals are unlikely to devote the time and resources required to execute such a calculated operation.”
Intelligence gathering
IBM says it has notified those targeted as well as law-enforcement authorities.
The US’s Cybersecurity and Infrastructure Security Agency (Cisa) has issued an alert encouraging organisations associated with the storage and transport of a vaccine to be on guard for the kind of attacks linked to IBM’s report.
In July, the UK warned Russian intelligence had targeted UK vaccine research, including at Oxford.
The US also warned of Chinese hacking, while, more recently, Microsoft said it had seen North Korean and Russian hackers targeting vaccine research.
Officials suggested the activity so far had been about intelligence gathering rather than disruption of any research.
Such a valuable read.
With havin so much content and articles do you ever run into any problems of plagorism or copyright violation? My website has a lot of unique content I’ve either created myself or outsourced but it looks like a lot of it is popping it up all over the internet without my agreement. Do you know any methods to help reduce content from being stolen? I’d definitely appreciate it.
for the reason that here every material is quality based
Fiquei muito feliz em descobrir este site. Preciso de agradecer pelo vosso tempo
nogensinde løbe ind i problemer med plagorisme eller krænkelse af ophavsretten? Mit websted har en masse unikt indhold, jeg har
nogensinde løbe ind i problemer med plagorisme eller krænkelse af ophavsretten? Mit websted har en masse unikt indhold, jeg har
que eu mesmo criei ou terceirizei, mas parece que
que eu mesmo criei ou terceirizei, mas parece que
|Tato stránka má rozhodně všechny informace, které jsem o tomto tématu chtěl a nevěděl jsem, koho se zeptat.|Dobrý den! Tohle je můj 1. komentář tady, takže jsem chtěl jen dát rychlý
webové stránky jsou opravdu pozoruhodné pro lidi zkušenosti, dobře,
Such a informative insight.
This is the kind of content I enjoy reading.
I found new insight from this.
det. Denne side har bestemt alle de oplysninger, jeg ønskede om dette emne, og vidste ikke, hvem jeg skulle spørge. Dette er min 1. kommentar her, så jeg ville bare give en hurtig
Virtually all of whatever you say happens to be supprisingly legitimate and that makes me wonder the reason why I hadn’t looked at this in this light before. Your piece truly did switch the light on for me as far as this particular subject matter goes. Nevertheless there is one point I am not necessarily too comfy with and while I try to reconcile that with the main theme of your position, let me see what the rest of the subscribers have to point out.Very well done.
Com tanto conteúdo e artigos, alguma vez se deparou com problemas de plágio ou violação de direitos de autor? O meu site tem muito conteúdo exclusivo que eu próprio criei ou
女優の熊谷真実(64)が3日に自身のSNSを更新し、豪華な誕生会の様子を公開した。オタ娘の恋に急展開! そのすきにアキナがどこかに駆け出して行く。大晦日五郎は風呂の準備をしてから、純と螢を迎えに行く。大晦日に石で作った風呂に子供たちと一緒に入ることを楽しみにしていると語る五郎にこごみは思わず涙ぐむ。始発で旭川の定時制看護学校に通い、日中は病院で甲斐甲斐しく働く螢。五郎は富良野の町中で医師の財津を待ち伏せする。 へそ祭りの日、螢は富良野に戻るが、札幌の病院に勤める勇次の伯父に会うのが目的だった。
det. Denne side har bestemt alle de oplysninger, jeg ønskede om dette emne, og vidste ikke, hvem jeg skulle spørge. Dette er min 1. kommentar her, så jeg ville bare give en hurtig
Way cool! Some very valid points! I appreciate you penning this write-up plus the rest of the website is also very good.
skupině? Je tu spousta lidí, o kterých si myslím, že by se opravdu
首をかしげている俺を見てガハハと笑う一心隊長。 マグニートーは宇宙から優位種である自分達が愚かな人類を見渡せるようにと、宇宙要塞「アステロイドM」を建造し、新たな拠点としていた。 その後も、名鉄傘下の中日本航空が運航していた定期路線便は1965年(昭和40年)に全日本空輸に譲渡、名鉄、中日本航空、全日本空輸3社の出資でコミューター会社の「エアーセントラル」(現・
This is a topic that is close to my heart…Take care! Where are your contact details though?
I will revisit once again since i have book-marked it. Money and freedom is the best way to change, may you be rich and continue to guide others.
buď vytvořil sám, nebo zadal externí firmě, ale vypadá to.
I do agree with all of the ideas you’ve presented in your post. They are really convincing and will certainly work. Still, the posts are too short for beginners. Could you please extend them a bit from next time? Thanks for the post.
) Jeg vil besøge igen, da jeg har bogmærket det. Penge og frihed er den bedste måde at ændre sig på, må du være rig og
Good way of telling, and nice paragraph to take information on the topic of my presentation focus, which i am going to deliver in school.
visit this web-site [url=https://gta-san-andreas-apk.net]gta sa apk[/url]
нажмите здесь [url=https://motifri.com]кракен даркнет[/url]