IBM has identified a threat to the supply chain that pharmaceuticals would use to distribute the COVID19 vaccine.
While plans to distribute a COVID-19 vaccine are in place, so are cyber threats aiming to attack the supply chain.
IBM’s Intelligence Security Task Force has uncovered a global phishing scam affecting at least half a dozen countries.
It says the cyber attackers are moving in on the COVID-19 vaccine distribution – specifically the “cold chain” supply process, which is how vaccines are stored, refrigerated, and shipped.
“We identified several organizations across six countries that were getting these very persuasive spear-phishing emails to be able to click get access to their networks,” says Nick Rossmann, of the IBM Security X-Force,
The tech company said it even found impersonators of a business executive from Haier Biomedical, a Chinese manufacturer and very credible member-company to distribute vaccines.
Supply chains are no stranger to scams – earlier this year, the PPE supply chain was also under attack.
Why sabotage efforts for a possible cure?
“If you’re behind the attack, it could be that you’re using this for espionage, so you want to learn how to create the cold chain…that’s going to be incredibly important for some countries that don’t have the industrial knowledge that we do,” says Rossman.
Rossman says another possibility is something more disruptive.
“Getting those credentials or getting the keys to the castle — you’d be able to conduct a destructive attack and the intent there would be to undermine legitimacy in the vaccine and our public trust in it,” he says.
IBM believes a ‘nation-state’ is behind the incident, but it’s currently unclear which one.
The tech company says it is working directly with the Department of Homeland Security.
