IBM Uncovers More Attacks Against COVID-19 Vaccine Supply Chain

IBM didn’t identify any suspected hacking group behind the attacks.

By Jordan Robertson, Bloomberg | Updated: 15 April 2021 13:32 IST

IBM Uncovers More Attacks Against COVID-19 Vaccine Supply Chain

IBM previously said it believed the campaign was the work of an unspecified nation-state

Highlights

Attacks against cold chain highlight risk of intellectual property theft
The targets were broader than originally detected
IBM didn't identify any suspected hacking group behind the attacks

A hacking campaign that International Business Machines detected last year against organisations involved in the manufacturing, transportation, and storage of COVID-19 vaccines was wider than initially understood and is now found to have targeted more than 40 companies in 14 countries, the company said Wednesday.

The attacks against the “cold chain” - a temperature-controlled supply chain - highlight the risk of intellectual property theft and potential disruption for stakeholders in the fragile process of shipping vaccines across long distances at stable temperatures, researchers from IBM's X-Force cyber-security group wrote in a blog post.

The company reported in December the discovery of the attacks, which involved hackers masquerading as representatives of Qingdao Haier Biomedical, a China-based company and one of the world's largest makers of equipment to store and deliver materials at cold temperatures. IBM's new research found that the targets were broader than originally detected, involving emails sent in early September that sought to trick people into opening malicious attachments that purported to contain requests for quotes for a solar-powered vaccine refrigerator and other equipment specific to the industry.

WhatsApp Brings Stickers to Encourage Users to Get COVID-19 Vaccine

“Exploring the available emails, X-Force uncovered multiple features which likely signal the actor's exceptional knowledge of the cold chain,” the researchers wrote. “While our previous reporting featured direct targeting of supranational organisations, the energy, and IT sectors across six nations, we believe this expansion to be consistent with the established attack pattern, and the campaign remains a deliberate and calculated threat.”

IBM didn't identify any suspected hacking group behind the attacks, but the company previously said it believed the campaign was the work of an unspecified nation-state. IBM didn't say whether the attacks were effective in getting people to click on the malicious attachments.

Why did LG give up on its smartphone business? We discussed this on Orbital, the Gadgets 360 podcast. Later (starting at 22:00), we talk about the new co-op RPG shooter Outriders. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.

How to Find Nearest COVID-19 Vaccination Centre Online: Follow These Steps

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.