The COVID vaccine supply chain targeted by cyber attacks

A freezer in a Milan hospital that keeps Covid vaccines at a temperature of -75 ° C.

-

Alert on the distribution of vaccines against Covid-19.

IT group IBM revealed on Thursday that a series of cyberattacks had targeted the coronavirus vaccine supply chain, which requires doses to be stored and transported at very low temperatures.

"Our team recently discovered a global 'phishing' campaign targeting organizations associated with the cold chain linked to Covid-19," wrote in a blog post Claire Zaboeva and Melissa Frydrych, analysts for IBM X- Force, a working group dedicated to cybersecurity.

The Directorate-General for Taxation and Customs, a service of the European Commission, was one of the targets of these attacks.

Energy and IT companies based in Germany, Italy, the Czech Republic, South Korea and Taiwan have also been targeted, according to IBM.

Doses kept at -70 ° C

The vaccine developed by Pfizer and the German company BioNTech, which received the green light for marketing in the United Kingdom on Wednesday, must not be exposed to temperatures above -70 ° C to ensure its effectiveness.

To trap their victims, the hackers would have used the method of spear phishing, or "spear phishing", which consists of posing as a legitimate actor in order to recover confidential and sensitive data.

In this case, fraudulent emails were allegedly sent by an alleged executive of the Chinese company Haier Biomedical, which is effectively part of the vaccine supply chain and collaborates with the World Health Organization, Unicef ​​and other UN agencies.

Uncertainty about the origin of the attacks

In the messages, the so-called executive said "wants to place an order with your company" and attached malware asking recipients to provide personal information, IBM says.

The American group specifies that it is not in a position to say who is at the origin of these attacks, but ensures that their nature and their sophistication are reminiscent of the methods of a state actor.

"Without a clear path to loot, it is unlikely that cybercriminals will devote their time and resources to carrying out such a premeditated operation with so many targets interconnected and spread across the globe," Zaboeva and Frydrych write.

IBM says it does not know whether the hacking attempts were successful.

The US federal cybersecurity agency, CISA, said IBM's report should be taken seriously by organizations involved in the vaccine supply chain.

"The CISA encourages all organizations involved in the storage and transport of vaccines to strengthen their protections, especially for cold storage operations, and to remain vigilant against any activity in this sector", reacted in a press release sent to AFP Josh Corman, CISA researcher.

• Coronavirus

• Covid 19

• Cyber ​​attack

• World