A tech company based in Armonk says it has uncovered a cyber threat that could attack plans to distribute coronavirus vaccines.
IBM says the global phishing scam affects at least six countries.
The security task force found cyber attackers impersonating a business executive from Haier Biomedical, a Chinese manufacturer and credible member-company of the vaccine supply chain.
IBM says persuasive phishing emails were sent to organizations likely involved with a vaccine cold chain, which is how vaccines are stored, refrigerated and shipped.
“If you’re behind the attack, it could be that you’re using this for espionage,” says Nick Rossman, who is on the IBM Security X-Force. “If you’re able to get on the network, you know getting those credentials are getting the keys to the castle, you’d be able to conduct a destructive attack and the intent would be to undermine legitimacy in the vaccine and our public trust in it.”
IBM says it believes a “nation-state” is behind the scam, but it’s unclear which one.
The company says it is working closely with the Department of Homeland Security on the issue.
