Obviously, the upcoming distribution of vaccines against Covid-19 interests many malicious actors, and this goes through the Internet. After Microsoft which reported, two weeks ago, targeted cyberattacks against laboratories, it is IBM’s turn. The computer giant in turn claims to have detected attacks on the vaccine supply chain, the base of phishing (fake emails aimed at deceiving users to steal passwords).
These attacks began in September. They focused on companies related to the cold chain, according to IBM, which clearly suggests that this is a targeted campaign. In particular, the firm discovered fake emails from an executive of the Chinese company Haier Biomedical, which is effectively part of the vaccine supply chain. Under the pretext of wanting to place an order, these messages invite you to download infected attachments which can then be used to recover confidential information, such as identifiers for connecting to the servers of the companies concerned.
In any case, this is IMB’s assertion. Last week, in connection with the attacks on laboratories, we were talking about North Korea. As for the mobile, all the assumptions are possible. These attacks could be aimed at disrupting the supply chain and even the cold chain by breaking into technical systems, perhaps only to blackmail.
Another hypothesis: to try to seize doses of vaccines to resell them on the black market. Hackers may also want to gain a foothold in computer systems in the long run, in order to steal information in the future. It is not known whether these attacks by phishing were indeed successful, and so hackers were able to recover sensitive information.