Connect with us

Hi, what are you looking for?

Capital Business
Capital Business
Dry ice will be used to help transport the Covid-19 vaccine, but hackers are targeting the supply chain involved, IBM has warned

Kenya

Hackers targeting Covid-19 vaccine supply chain, IBM warns

With multiple vaccines close to becoming available in a world gripped by the coronavirus pandemic, manufacturers have become the target of hackers trying to steal trade secrets or disrupt supply chains.

IBM warned Thursday that it had uncovered a series of cyber attacks, potentially carried out by state actors, against companies involved in the effort to distribute vaccine doses, which must be kept cold.

IBM said the European Commission’s Directorate-General for Taxation and Customs Union was one target of the attacks, as well as European and Asian companies involved in the supply chain, whose names have not been disclosed.

“Our team recently uncovered a global phishing campaign targeting organizations associated with a COVID-19 cold chain,” Claire Zaboeva and Melissa Frydrych, analysts for IBM X-Force, a cyber security working group, wrote in a blog post.

The purpose “may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution.”

It was unclear if the attacks were successful, IBM said, and while it could not identify those behind the attacks, the precision of the operation signals “the potential hallmarks of nation-state tradecraft.”

The vaccine developed by Pfizer and German company BioNTech, which on Wednesday got the green light from Britain to distribute its vaccine, must be stored below -70 degrees Celsius to ensure its effectiveness.

That means it will require specialized logistics companies such as Haier Biomedical, a Chinese-owned cold chain supply company working with the World Health Organization and the United Nations.

Hackers impersonated an executive from Haier Biomedical, and “disguised as this employee, the adversary sent phishing emails to organizations believed to be providers of material support to meet transportation needs within the COVID-19 cold chain,” Zaboeva and Frydrych wrote.

Advertisement. Scroll to continue reading.

Moderna also has developed a vaccine that must be stored at -20 degrees Celsius, while AstraZeneca’s version can be stored in a normal freezer.

 

– Wave of attacks –

Cybercriminals also have tried to attack several pharmaceutical companies developing vaccines including Johnson & Johnson, Novavax, AstraZeneca and South Korean laboratories, according to the Wall Street Journal.

Spanish laboratories also reportedly have been attacked by Chinese cybercriminals, the El Pais newspaper reported in September.

Cold storage giant Americold last month reported a hack into its computer systems to the US stock market regulator, without specifying whether the attack was related to the group’s role in vaccine storage.

“The intellectual property relating to mass market pharmaceuticals has tremendous value and so is a significant prize for a cybercriminal,” said Mark Kedgley, chief technology officer at New Net Technologies (NNT), a Naples, Florida-based provider of cybersecurity and compliance software.

And Covid-19 vaccines draw “Nation State level hacking.”

The countries experts most often linked to cyber attacks are Russia, China and North Korea, although there is no formal proof of their involvement in the recent incidents.

But cybersecurity firm Kapersky notes the use of “false flags” including Russian-linked email addresses, in a possible move to deflect blame for the attacks.

Advertisement. Scroll to continue reading.

There also could be financial motives behind the attacks.

Brett Callow, threat analyst at Emisoft, said the attacks are not surprising.

“States or non state actors will try to use any situation that they can to obtain an advantage, whether it’s a political or a financial advantage,” he told AFP. “It’s pretty much inconceivable that anything Covid-related wouldn’t come under attack.”

The US federal cyber security agency, CISA, said the IBM report should be taken seriously by organizations involved in the vaccine supply chain.

“CISA encourages all organizations involved in vaccine storage and transport to harden attack surfaces, particularly in cold storage operation, and remain vigilant against all activity in this space,” Josh Corman, a CISA strategist, told AFP.

The labs, too, will be on alert.

“Much of the large pharma companies have the skills and cybersecurity organizations to be able to detect this malicious type code and to protect against it,” Marrene Allison, chief information security officer for Johnson & Johnson, said Thursday during a conference hosted by the Aspen Institute.

But, she said, “unfortunately, not everyone has that in the health care industry.”

Advertisement. Scroll to continue reading.
Click to comment
Advertisement

More on Capital Business

Executive Lifestyle

NAIROBI, Kenya, Mar 12 – The country’s super wealthy individuals are increasing their holding of bonds, gold and cash, a new report by Knight...

Ask Kirubi

NAIROBI, Kenya, Mar 9 – Businessman and industrialist Dr. Chris Kirubi has urged members of the public to exercise extreme caution when making any...

Ask Kirubi

NAIROBI, Kenya, Mar 24 – Businessman and industrialist Dr. Chris Kirubi is set to own half of Centum Investment Company PLC, following a go-ahead...

Headlines

NAIROBI, Kenya, Mar 18 – Commercial Banks have been ordered to provide relief to borrowers on their personal loans, with loans eligible from March...

Ask Kirubi

It is without a doubt that the COVID-19 pandemic has caught the whole world by surprise. Although its full impact is yet to be...

Kenya

NAIROBI, Kenya, Jun17 – Kenya’s tea leaves manufacturer Kericho Gold, has been awarded the Superbrands Seal by Superbrands East Africa for their quality variety...

Coronavirus

NAIROBI, Kenya, Apr 13 – As the local telecommunications industry gears up to roll out 5G networks in the country, the Communications Authority of...

Coronavirus

NAIROBI, Kenya, Mar 22 – Airtel Kenya is offering free internet access for students in order to enable continued learning at home in the...