Since September, attacks by unknown attackers have sought to compromise “select executives in sales, procurement, information technology and finance positions” at organizations responsible for ensuring that the vaccines are transported in the correct temperature-controlled conditions, IBM said in a blog post.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued its own warning on Thursday linking to IBM’s findings.
Posing as a business executive from Haier Biomedical — an actual participant in the Covid-19 vaccine effort — the hackers sent emails to the EU’s Directorate-General for Taxation and Customs Union, as well as entities in the energy, manufacturing and software sectors, IBM said. The emails were written to look like requests for quotations to potential vaccine program participants.
These so-called spearphishing emails were designed to trick victims into giving up their usernames and passwords, which could have granted the attackers greater access to information about the vaccine and its development and distribution.
It is unclear what the attackers’ motives were, IBM said. And it is also unclear who may have been responsible for the attacks. But IBM said that based on the type of targets involved, state-sponsored hackers should not be ruled out.
“Advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target,” IBM said.
A similar hacking campaign earlier in the year targeted the global supply chain for personal protective equipment, IBM added.