COVID-19 Vaccine Cold Chain targetted by Hackers

COVID-19 Vaccine Cold Chain targetted by Hackers


A phishing campaign is trying to target the top organizations associated with the distribution of the COVID-19 Vaccine. According to the blog post by IBM X-Force analyst, this campaign is going on since September 2020. It is trying to target six major regions – Germany, Italy, South Korea, Czech Republic, greater Europe and Taiwan.

Covid-19 Vaccine Cold Chain

The hackers are keeping an eye on the “Cold Chain” of the COVID-19 Vaccine distribution. Cold Chain refers to the chain of distribution of Vaccines under suitable conditions. Various medication and vaccines require a cold environment for storage. In the same vein, cold chain focuses on keeping doses cold during their storage and transportation.

The campaign targets the associates of Gavi, The Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) program are the targets. CCEOP is an organization which aims to distribute and improve the technology that can keep vaccines at very cold temperatures.

It includes the European Commission’s Directorate-General for Taxation and Customs Union. In addition, sectors within the energy, manufacturing, website creation and software and internet security solutions are also one of the targets.

“The CCEOP initiative is naturally accelerating efforts to facilitate the distribution of a COVID-19 vaccine. A breach within any part of this global alliance could result in the exposure of numerous partner computing environments worldwide,” says the blog.

Hackers attacking using Emails

The culprits are sending emails to the organizations acting as a qualified supplier for the CCEOP program. And moreover claimed to be the business executive of the Haier Biomedical. The emails contain malicious HTML files, prompting victims to enter their credentials to see the file.
“From there, the adversary could gain insight into internal communications, as well as the process, methods and plans to distribute a COVID-19 vaccine,” says the post.

Phishing email sent to executives in organizations related to the COVID-19 vaccine supply chain.
Global Targeting
Source: Security Intelligence

Till now it is not clear who is behind this campaign. However analysts suspect that this is the act of a nation-state. “While attribution is currently unknown, the precision targeting and nature of the specific targeted organizations potentially point to nation-state activity. Without a clear path to a cash-out, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets.” blog post reads.

IBM X-Force has asked the organizations to stay vigilant and to increase their cyber readiness. They have also listed out a few measures in order to be vigilant. Further, governments have already been warned about this threat and DHS CISA is also issuing an alert.
“Today, in conjunction with this blog, DHS CISA is issuing an alert encouraging organizations associated with the storage and transport of a vaccine to review this research and recommended best practices to remain vigilant.”


Leave a Reply

Your email address will not be published.