New research suggests hackers are escalating attacks on Covid vaccine distribution networks.
A campaign tracked by tech giant IBM revealed that the cyber attackers, believed to be acting on behalf of a nation-state, have organised a sophisticated spear-phishing campaign against vaccine ‘cold supply’ networks.
So far, the hackers have not been identified and it is not known whether they have been successful. However, IBM warned that the campaign exhibited the “potential hallmarks of nation-state tradecraft” rather than an attack by cybercriminals.
The campaign supposedly began in September this year when hackers targeted organisations in six countries linked to the Cold Chain Equipment Optimisation Platform (CCEOP) of Gavi, the international vaccine alliance.
Hackers impersonated a Chinese firm involved in CCEOP’s supply cold chain to boost the chances of email engagement. Phishing emails were then sent containing malicious code and asked for people’s login credentials.
Commenting on the targeting of Covid vaccine data, Chris Ross, SVP Sales, International for Barracuda Networks said: “The coronavirus has significantly altered the cyber threatscape facing organisations and consumers over the last year, and it appears professional networks’ of cybercriminals have now turned their attention to seizing control of information and disrupting the services of companies and department’s vital to the distribution of the vaccine.
“The purpose of this concerted attack on the Covid vaccine supply ‘cold chain’ is likely to acquire leverage in a multi-million-pound ransomware attempt, to sell key data on the ‘black market’ to the highest international bidder, or, quite simply, to disrupt the UK’s standing as the first country in the world to start vaccinating its citizens on a mass scale.”
- Russian and North Korean hackers ramp up vaccine research attacks
- IFB launches threat intelligence service amid rising Covid cyber threats
- Russian hackers exposed trying to steal Covid-19 vaccine research
This is the latest of several attacks in Britain around the Covid-19 vaccine research so far this year. Since progress first began, hackers have been looking to access vital vaccine data.
In May it was discovered that hackers were targeting universities in Britain to get access to research. Those cyber-attacks were traced back to Russia and Iran, but cyber-experts said that China may also have been making attempts.
Ross continued: “Phishing scams have surged since the outbreak of Covid-19 and the UK’s first national lockdown, with our recent data showing that spear-phishing campaigns have been disproportionately targeting schools and universities since the start of the pandemic.
“However, this is the first time that a significant phishing campaign has been used on a global scale to disrupt the progress of our battle with the coronavirus – this issue must be taken extremely seriously by all afflicted targets and organisations who have anything to do with the logistics, transport or distribution of the vaccine, who may have already been breached, and do not yet know it.”