Sophisticated operation likely to have been backed by a nation state
Refrigerated shipping containers in Frankfurt which will be used to transport vaccines
BY:
Eric De Grasse
Chief Technology Officer
3 December 2020 (Paris, France) – So, not only do we have widespread disease and economic distress, we have an organization that is undermining the distribution of the vaccine.
As reported by numerous intelligence agencies today, cyber attackers have targeted the cold supply chain needed to deliver Covid-19 vaccines. According to reports detailing the attacks, it is a sophisticated operation likely backed by a nation state. The hackers appeared to be trying to disrupt or steal information about the vital processes to keep vaccines cold as they travel from factories to hospitals and doctors’ offices.
According to the report by IBM’s threat intelligence task force, which advises companies and the public sector on cyber security, they targeted organizations associated with a cold chain platform run by the Gavi vaccine alliance, a public-private partnership for developing immunisation for poorer countries.
Many of the Covid-19 vaccines have to be kept cold to keep them from spoiling. Pfizer and BioNTech’s vaccine must be kept between minus 70C and minus 80C, while Moderna’s jab needs to be transported at minus 20C.
The attackers pretended to be an executive at a Chinese supplier of ultra-cold refrigeration, to mount a phishing campaign trying to obtain usernames and passwords, the report said. The IBM threat intelligence team indicates the hackers were either looking to disrupt the vaccine delivery process or steal intellectual property.
One side of it is cyber espionage: “How do you get vaccines out? How is the manufacturing process working for refrigeration? How are you managing the entire logistics chain?” The other side: the potential for disruption, being able to launch attacks that disrupt vaccines, and their distribution to undermine trust in them around the world.
Governments have been warned that it was vital to treat the vaccine supply chain as “a new type of global critical infrastructure” to help them secure the products that could help end the pandemic. These refrigeration companies are not going to have the same security tools that advanced financial institutions have.
The news prompted the U.S. Cyber Agency to issue a formal alert to other groups involved in the cold supply chain. It could be the “tip of an iceberg” in a larger global campaign, as the hackers try to find holes in security and jump between companies and governments involved in the mass vaccination programmes. It was “an extremely well-researched and well-placed campaign. And that does potentially point to a very competent person or team”.
The IBM report described a hacking campaign that spanned six countries, aimed at the European Commission’s customs and taxation unit, and organisations in energy, manufacturing and technology. The campaign started in September and the task force discovered the threat in October. The IBM researchers do not know if the hackers were successful at gaining entry to the networks.
But all of the reports … from the intel agencies, from the cyber security professional community, etc. … highlighted the importance of cyber security diligence at each step in the vaccine supply chain.
I have not read all the cyber forensics reports (at least the ones given to me), but since tech-savvy organizations are targeting and actively undermining the successful rollout of this vaccine, it might take much longer for lockdowns to end and for the economy to normalize. And now one can only imagine the money to be made from anything to do with Covid vaccine distribution, including upping the IT security of refrigeration companies.