A cyber espionage campaign targeted at companies vital to the distribution of COVID-19 vaccines has been detected.
According to an alert issued by the US government and a research blog published by IBM, the hacking campaign started in September.
It targeted a range of organisations, including in government and across the energy and IT sectors, that are associated with the COVID-19 'cold supply' chain.
Live COVID updates as UK prepares for vaccine rollout
The cold chain is an essential part of distributing vaccines manufactured by Pfizer/BioNTech, approved in the UK on Tuesday, as the vaccine needs to be stored at -70C (-94F) to avoid spoiling before being administered.
Although it is not clear whether the sophisticated phishing emails were successful, IBM warned that the campaign bore "the potential hallmarks of nation-state tradecraft" rather than an attack by cyber criminals.
"Without a clear path to a cash-out, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets," added IBM.
This week Interpol issued an alert warning that organised criminal gangs could attempt to steal COVID-19 vaccines or create their own fake versions to profit from the pandemic.
It follows an announcement in July from Britain, the US and Canada that Russian cyber spies were trying to steal research into coronavirus vaccines and treatment.
IBM said emails were sent to 10 organisations, including the European Commission's Directorate-General for Taxation and Customs Union, which handles tax and customs issues across the EU.
Claire Zaboeva, an IBM analyst involved in the detection, told Associated Press that the EU agency - which is revising import and export regimes for vaccines - "would be a gold mine" for hackers seeking to access other organisations.
IBM warned that if the hackers were successful, the attacks could lead to the "stealing and selling [of] vaccine shipping containers in black markets across the globe".
The hackers have sent emails impersonating a business executive from the Chinese company Haier Biomedical, which is "a credible and legitimate member company of the COVID-19 vaccine supply chain" according to IBM.
The intention of the campaign was to harvest credentials, "possibly to gain future unauthorised access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution".
Among the companies targeted were those involved in manufacturing solar panels, which can be used in countries without a reliable power supply to ensure vaccine refrigerators are on, as well as petrochemical companies which produce dry ice.
Analysis: Hackers may have even more sensitive secrets in their sights than COVID vaccine plans
By Deborah Haynes, foreign affairs editor
The targeting of a logistical chain to transport coronavirus vaccines around the world could have been a soft underbelly for the hackers to steal even more sensitive secrets from governments.
Researchers at IBM who uncovered the hack described how a convincing-looking phishing email enticed recipients to enter their credentials on to a web page, which would allow the hackers to harvest these details.
Such a backdoor could give them access to sensitive information on how countries plan to distribute a COVID-19 vaccine.
But IBM's Security X-Force said it could also let the hackers delve much deeper into the compromised accounts from around the world.
"Moving laterally through networks and remaining there in stealth would allow them to conduct cyber espionage and collect additional confidential information from the victim environments for future operations," it said in a blog post.
The attack covered six countries, targeting organisations likely involved in the global distribution of COVID-19 vaccines. They included the European Commission's Directorate-General for Taxation and Customs Union.
IBM said: "Targeting this entity could serve as a single point of compromise impacting multiple high-value targets across the 27 member states of the European Union and beyond."
The energy sector, involved in manufacturing solar panels to help power refrigerators to keep vaccines cold, was also hit.
"A compromise of such technologies could result in intellectual property theft or stealing and selling vaccine shipping containers in black markets across the globe," the IBM researchers said.
https://news.google.com/__i/rss/rd/articles/CBMiWmh0dHBzOi8vbmV3cy5za3kuY29tL3N0b3J5L2NvdmlkLTE5LWhhY2tlcnMtdGFyZ2V0ZWQtdmFjY2luZS1kaXN0cmlidXRpb24tbmV0d29yay0xMjE0OTg3MdIBXmh0dHBzOi8vbmV3cy5za3kuY29tL3N0b3J5L2FtcC9jb3ZpZC0xOS1oYWNrZXJzLXRhcmdldGVkLXZhY2NpbmUtZGlzdHJpYnV0aW9uLW5ldHdvcmstMTIxNDk4NzE?oc=5
2020-12-03 12:13:09Z
52781224441372
Tidak ada komentar:
Posting Komentar