简体中文
A cyber espionage campaign targeted at companies vital to the distribution of COVID-19 vaccines has been detected.
According to an alert issued by the US government and a research blog published by IBM, the hacking campaign started in September.
It targeted a range of organisations, including in government and across the energy and IT sectors, that are associated with the
COVID-19
'cold supply' chain.
Explained: How exactly does the cold supply chain work?
Although it is not clear whether the sophisticated phishing emails were successful, IBM warned that the campaign bore "the potential hallmarks of nation-state tradecraft".
"Without a clear path to a cash-out, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets," added IBM.
It follows an announcement in July from Britain, the US and Canada that
Russian cyber spies were trying to steal research
into coronavirus vaccines and treatment.
The emails were sent to 10 organisations, including the European Commission's Directorate-General for Taxation and Customs Union, which handles tax and customs issues across the EU.
Claire Zaboeva, an IBM analyst involved in the detection, told Associated Press that the EU agency - which is revising import and export regimes for vaccines - "would be a gold mine" for hackers seeking to access other organisations.
The hackers have sent emails impersonating a business executive from the Chinese company Haier Biomedical, which is "a credible and legitimate member company of the COVID-19 vaccine supply chain" according to IBM.
The intention of the campaign was to harvest credentials, "possibly to gain future unauthorised access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution".
