Seasons Greetings

Flash News: European Space Agency partners with startup to launch first debris removal mission in 2025      - | -     Fairness issues loom over trial in Iowa student's slaying      - | -     India rolls out new Covid emergency drug developed by DRDO      - | -     America ditches mask under new government health guidance but confronts new dilemmas      - | -     Why a Republican Trans Candidate is good for Trans People     - | -     Houston tiger is still missing as mystery deepens over man who was seen with it     - | -     A mysterious, devastating brain disorder is afflicting dozens in one Canadian province     - | -     More than 4,000 Indians die of COVID-19 for second straight day     - | -     India assures citizens 5G doesn't cause Covid-19     - | -     Evangelical Lutheran Church elects first transgender bishop     - | -     Pressure builds for CDC to update indoor-mask requirements for vaccinated people     - | -     Strongest evidence yet shows SARS-CoV-2 may insert Itself into the human genome     - | -     Trump stokes anticipation about 'bombshell' Michigan election fraud     - | -     Accept new policies or lose functionality instantly: Whatsapp     - | -     Julian Read, who briefed press after JFK assassination, dies     - | -     Across faiths, US volunteers mobilize resources for India to handle a devastating second wave     - | -     Pastor says he won't close church after Covid-19 outbreak infected 74 members     - | -     Kumbh Mela a super-spreader event as India battles insidious second wave Covid-19     - | -     8.3 million cases in last 30 days, volunteers answering SOS calls from the sick and dying: India chokes      - | -     White people continue to be vaccinated at faster rates than Black and Hispanic people in most states     - | -     Delhi hospitals plead for oxygen as more patients die: Political wrangling between the state and central government continues     - | -     6th grade girl opens fire in Idaho middle school, injures 3     - | -     Pollster Frank Luntz: 'I would bet on' Trump being 2024 GOP nominee     - | -     FBI raid exposes Giuliani into his Ukraine drive to help Trump signals widening criminal search, experts say     - | -     Selling Apple shares 'was probably a mistake' ace investor Warren Buffett admits     - | -     The NYPD hate crimes unit is investigating after two more assaults on Asian Americans     - | -     Covid-19 live updates: India cracks 20 million coronavirus cases as infections spread     - | -     Why India's outbreak is a threat to the world     - | -     Suspected smuggling boat tragedy in San Diego adds to Biden's migrant crisis woes     - | -     A large and destructive tornado has touched down in Tupelo, Mississippi     - | -     Only a fraction of Americans say country is more united under Biden     - | -     Maryland votes to nix state song, a Confederate call to arms     - | -     Kim Janey rewrites history, Boston's first Black and female mayor     - | -     Gunman kills 10 at Colorado supermarket in second US mass shooting in a week     - | -     Kamala Harris laughs when asked if she will visit the border raises sharp criticism online     - | -     Roger Stone under fresh scrutiny as Capitol attack investigation intensifies     - | -     Vaccines will likely not be mandatory for teachers: Biden’s Education Secretary     - | -     Fauci warns about potential for an oncoming resurgence of virus if restrictions eased     - | -     Biden plug relief to Americans, celebrates 'transformational' victory on COVID-19 relief     - | -     LA Schools to Reopen in mid-April & NY City will open high schools next week     - | -     Women are tired of explaining to men like Andrew Cuomo why sexual harassment is wrong     - | -     Biden signs orders on gender equity, nominates two women to be four-star commanders     - | -     Nation takes baby steps to normality after year in lockdown; "The virus isn't going to go away," says Harvard epidemiologist     - | -     Rumours of vaccine site giving jabs to anyone because of low demand. Hundreds lined up     - | -     Vaccine supply will "dramatically" increase in weeks ahead: Fauci     - | -     Biden calls it "Neanderthal thinking" slams Texas and Mississippi's decisions to lift COVID-19 mask mandates     - | -     This Is What GOP Feared. Now that Trump Has Governed with Executive Orders, Dems Plan to Do Same      - | -     Man Throwing 'Incendiary Devices' at ICE Detention Center Is Killed in Attack      - | -     Mueller Hearing Pushed Back a Week to Allow More Time for Him to Answer Questions      - | -     Trump Tells 4 Congresswomen of Color to 'Go Back' to 'Crime-Infested' Countries They Came From      - | -     GOP Congressman Invokes 'The Deep State'

National News

How hackers target the COVID-19 supply chain that previously remained unreported

viewsViews 200

How hackers target the COVID-19 supply chain that previously remained unreported

2021-04-30 06:44:23

By K. Shalini

Hackers have targeted companies that distribute the COVID-19 vaccine to a degree previously unreported, according to research from IBM Security.

Starting last year, attackers attempted to access sensitive information about the vaccine's "cold chain" distribution system. IBM Security said the phishing attack targeted 44 companies in 14 countries across Europe, North America, South America and Asia. It is unclear if the hackers were successful in breaching systems. The hacking victims include high-ranking executives at a petrochemical firm, a solar energy manufacturer, several IT companies and a department at the European Commission.

The cyberattack was first discovered in late 2020. Researchers initially believed the hacking campaign targeted UNICEF's GAVI alliance, a coalition of governments and companies that help developing countries distribute vaccines. At the time, it was unclear if the campaign was successful, according to IBM's global lead for threat intelligence, Nick Rossmann.

But the new IBM research shows the operation's scope was larger than previously thought, requiring significant "premeditated planning," Rossmann said. "This was a very well-calibrated, complex and precise campaign."

Although his team cannot conclusively attribute the cyberattack to a particular actor, Rossmann said "this operation has the hallmarks of nation-state activity. We're dealing with an adversary [that] has an acute understanding of [the vaccine] supply chain."

The ability to disrupt or destroy vaccine supplies amount to a form of saber-rattling, Rossmann said.

"We're far from over the COVID-19 crisis, and while the U.S. has turned the corner with its vaccination progress, many other countries continue to face significant challenges. As countries struggle to get access to vaccines, this type of adversarial activity illustrates a race for influence over the vaccine market," he said.

The targets

A range of health care firms were major targets of the hacking scheme. That includes biomedical research organizations, medical equipment manufacturers; pharmaceutical firms, surgical material makers, immunology experts and pharmacies distributing COVID-19 rapid tests.

Logistics and transportation were also heavily targeted in the cyberattack, including eight companies in the automotive, aviation, maritime and transport services sectors across Italy, Korea, Japan, Colombia and the U.S.

"Logistics firms are a particularly ripe target," Rossmann said. "They are moving the vaccine in different places around the world. You can imagine that a refrigeration company probably doesn't have the same security as one of the largest banks in the world."

This hacking group was capable of surreptitiously mining large amounts of data about how the vaccine is shipped, or even shutting down the company's operational systems. "Potentially [hackers] could spoil the vaccine batches that they have in refrigeration units," he said.

The tactics

The attack was carried out in multiple stages. The hackers used highly customized spear-phishing emails to target companies in the cold chain. Phishing hacks are emails or text messages that appear to be sent from a legitimate source and are intended to steal a victim's username and password. Most phishing attacks, like spam, are imprecise and sent to thousands of recipients.

graphical user interface, text, application, email: The cold chain hackers posed as an employee of Haier Biomedical. / Credit: IBM Security© Provided by CBS News The cold chain hackers posed as an employee of Haier Biomedical. / Credit: IBM Security

The cold chain hackers devised a clever cover story: They impersonated an employee of Haier Biomedical, one of the world's most respected cold chain providers and a client of one of the first targets.

Those targets were CEOs, product managers, sales managers and finance executives who anticipated an email requesting approval. The phishing message they received was so well-crafted that at least some of its recipients fell for the scam, Rossman said.

"The quote generally looked very good! And when you clicked on this email, a PDF popped up with a, 'Hey, can you please write your username, your password,' not typical for a PDF you would get from a supplier," Rossmann said.

Once inside the network, the hackers were able to steal important credential information, move to other parts of the network and send additional phishing messages by posing as executives from the company.

Harvested credentials are also often used to gain future unauthorized access to corporate networks and sensitive information. Researchers eventually discovered an additional 50 similar messages targeting the cold chain companies.

COVID-19 presented a huge opportunity for a wide spectrum of cybercriminals and malicious actors. The Department of Health and Human Services last month issued a phishing alert, warning: "Fraudsters are offering COVID-19 tests, HHS grants, and Medicare prescription cards in exchange for personal details, including Medicare information."

Email scams in particular are surging, according to the cyber defense firm Barracuda. A Verizon report last year found that phishing was responsible for almost 70% of data breaches.

 "This threat is very real"

"Cold chain companies are a piece of critical infrastructure and they're under attack," Rossmann said, noting that damaging these firms poses a major risk to public safety and national security.

The hackers' attempt to disrupt or destroy vaccine supplies was likely intended to undermine trust in the treatments, he said. If even a small percentage of COVID-19 vaccine doses were damaged, it could weaken trust in the entire system.

"This threat is very real, and our goal is to make sure anyone involved in any aspect of the supply chain is on high alert," Rossman said. "In the United States, Canada and Europe, where there is already doubt [about vaccine safety], sowing mistrust is a part of the arsenal of what some of these adversaries do."

Post Your Comment

Most Recent News

MLB: New York Yankees Aaron Judge, Colorado Rockies Josh Fuentes Named Players of the Week

17 May, 2021

  -posted by Daniel Mogollon, Staff Writer; Image: New York Yankees All-Star outfielder Aaron Judge. (Image Source: Evan Habeeb/USA TODAY Sports) All-Star outfielder Aaron......More

Boxing: Tyson Fury Confirms August Date vs Anthony Joshua

17 May, 2021

  Tyson Fury confirms August date vs Joshua  ...More

MLB: Los Angeles Dodgers Sign Three-Time NL MVP Albert Pujols

17 May, 2021

  -posted by Daniel Mogollon, Staff Writer; Image: Albert Pujols is a 10-time All-Star. (Image Source: Steph Chambers / Getty Images) LOS ANGELES – The Los Angeles Dodgers......More

Get Published

Want to publish your own articles?

Create an account, and submit your articles, photos and/or videos. They will be reviewed by our professional copy editors, and if it is approved, it will be published for all our readers to view.