Advertisement
World & Nation

Global COVID-19 vaccine distribution effort hit by cyberespionage

A vial of COVID-19 vaccine developed by AstraZeneca and Oxford University
A vial of a COVID-19 vaccine developed by AstraZeneca and Oxford University.
(John Cairns / Oxford University)
By Associated Press
Share
BOSTON — 

IBM security researchers say they have detected a cyberespionage effort using targeted phishing emails to try to collect vital information on the World Health Organization’s initiative for distributing COVID-19 vaccine to developing countries.

The researchers said they could not be sure who was behind the campaign, which began in September, or if it was successful. But the precision targeting and careful efforts to leave no tracks bore “the potential hallmarks of nation-state tradecraft,” the researchers said in a blog post Thursday.

The campaign’s targets, in countries and territories including Germany, Italy, South Korea and Taiwan, are probably associated with the development of the “cold chain” needed to ensure that COVID-19 vaccines get the nonstop sterile refrigeration they need to be effective for the nearly 3 billion people who live in places where temperature-controlled storage is insufficient, IBM said.

Advertisement

“Think of it as the bloodline that will be supplying the most vital vaccines globally,” said Claire Zaboeva, an IBM analyst involved in the detection.

Whoever is behind the operation could be motivated by a desire to learn how the vaccines are best able to be shipped and stored — the entire refrigeration process — in order to copy it, said Nick Rossmann, the IBM team’s global threat intelligence lead. Or they might want to be able to undermine a vaccine’s legitimacy or launch a disruptive or destructive attack, he added.

In the ploy, executives with groups probably associated with the initiative known as Covax — created by the Gavi vaccine alliance, the World Health Organization and other United Nations agencies — were sent spoofed emails appearing to come from an executive of Haier Biomedical, a Chinese company that’s considered the world’s main cold-chain supplier, the analyst said.
FILE - In this March 16, 2020, file photo, a subject receives a shot in the first-stage safety study clinical trial of a potential vaccine by Moderna for COVID-19, the disease caused by the new coronavirus, at the Kaiser Permanente Washington Health Research Institute in Seattle. According to results released on Tuesday, July 14, 2020, early-stage testing showed the first COVID-19 vaccine tested in the U.S. revved up people’s immune systems the way scientists had hoped. The vaccine is made by the National Institutes of Health and Moderna Inc. (AP Photo/Ted S. Warren, File)

World & Nation

Britain, U.S., Canada accuse Russia of hacking coronavirus vaccine trials

The Russia-linked hacking group Cozy Bear is targeting academic and drug research institutions developing a vaccine, nations say.

July 16, 2020

The phishing emails had malicious attachments that prompted recipients to enter credentials that could have been used to harvest sensitive information about partners vital to the vaccine-delivery platform.

Targets included the European Commission’s Directorate-General for Taxation and Customs Union and companies that make solar panels for powering portable vaccine refrigerators. Other targets were petrochemical companies, probably because they produce dry ice, which is used in the cold chain, Zaboeva said.

The EU agency has been busy revising new import and export regimes for COVID-19 vaccines and would be a gold mine for hackers seeking stepping stones into partnering organizations, she said.

Advertisement

Covax has struggled to raise enough money to compete for vaccine contracts against the world’s wealthiest nations in the race to secure doses as fast as they can be produced. But the U.N. and Gavi have invested millions in cold-chain equipment across Africa and Asia. The investment, in the works well before the pandemic, was accelerated to prepare for an eventual global rollout of COVID-19 vaccines.

A nurse inoculates volunteer Ilya Dubrovin, 36, with Russia's new coronavirus vaccine in a post-registration trials at a clinic in Moscow on September 10, 2020. - Russia announced last month that its vaccine, named "Sputnik V" after the Soviet-era satellite that was the first launched into space in 1957, had already received approval. The vaccine was developed by the Gamaleya research institute in Moscow in coordination with the Russian defence ministry. (Photo by Natalia KOLESNIKOVA / AFP) (Photo by NATALIA KOLESNIKOVA/AFP via Getty Images)

World & Nation

Seeking to expand their influence, China and Russia market coronavirus vaccines around the world

It could be a while before U.S. efforts to develop coronavirus vaccines benefit the developing world. China and Russia are trying to fill the void.

Oct. 28, 2020

Whoever was behind the phishing operation probably sought “advanced insight into the purchase and movement of a vaccine that can impact life and the global economy,” the blog post said. COVID-19 vaccines will be one of the world’s most sought-after products as they are distributed, so theft may also be a danger.

Last month, Microsoft said it had detected mostly unsuccessful attempts by state-backed Russian and North Korean hackers to steal data from leading pharmaceutical companies and vaccine researchers. It gave no information on how many succeeded or how serious those breaches were.

Chinese state-backed hackers have also targeted vaccine makers, the U.S. government said in announcing criminal charges in July.

Microsoft said most of the targets — located in Canada, France, India, South Korea and the United States — were researching vaccines and COVID-19 treatments. It did not name the targets.

More to Read

World & NationTechnology and the InternetHEALTHY
Associated Press

The Associated Press is an independent, not-for-profit news cooperative headquartered in New York City.

More From the Los Angeles Times

Advertisement