Hackers backed by foreign governments are targeting companies involved in shipping and storing the coronavirus vaccine at a low enough temperature to keep it from spoiling, IBM said in research released Thursday.
The announcement is the latest in a series of cybersecurity research reports that point to foreign governments employing hackers to break into the networks of groups working to rush out a vaccine, and comes as the U.S. prepares to ship refrigerated boxes of vaccines across the country this month.
While not every potential vaccine requires the same refrigeration, the one developed by Pfizer-BioNTech, which was approved Wednesday in the U.K. and may soon become the first coronavirus vaccine approved for distribution in the U.S., has to be shipped in special boxes of dry ice that must be opened quickly before use. The White House has claimed that as many as 20 million doses of the vaccine could be distributed in the U.S. in December.
The hacking campaign consisted of phishing emails spoofed to look like they had come from an executive at Haier Medical, a Chinese company that specializes in the “cold chain,” the supply chain of specialized equipment for shipping and storing goods that have to be kept well refrigerated. The emails contained an attached HTML file that prompted the recipient to enter their username and password, an attempt by the hackers to get access to the victim’s network.
The emails were sent around the world, including to a number of employees at specific companies in the cold chain, IBM researchers said.
While they didn’t have enough information to confidently identify who was behind the campaign, the researchers were confident it was the work of government-backed hackers and not independent criminals.
At various points during the pandemic, government officials and tech companies have accused each of the four countries that the U.S. regards as its primary antagonists in cyberspace — China, Iran, North Korea and Russia — of trying to hack into organizations conducting coronavirus vaccine research.
Glenn Koepke, a senior vice president at FourKites, a company that provides logistics services to pharmaceutical and cold chain companies, including Pfizer, said in a Zoom interview that hackers could seriously affect vaccine delivery if they interrupted payment processing for a company in the vaccine supply chain.
“The risk is shutting down transaction processing, if orders can’t flow through electronically,” Koepke said. “We’re in a digital era. The idea of going to fax just doesn’t exist.”
The U.S. Cybersecurity and Infrastructure Security Agency encouraged companies involved in vaccine shipment and storage to be on guard against hackers.
“Today’s report highlights the importance of cybersecurity diligence at each step in the vaccine supply chain,” Josh Corman, the agency’s chief strategist for health care, said in an email.
“CISA encourages all organizations involved in vaccine storage and transport to harden attack surfaces, particularly in cold storage operation, and remain vigilant against all activity in this space,” Corman said.