The hackers impersonated an executive with Haier Biomedical, a Chinese company that styles itself as “the world’s only complete cold chain provider.” They sent meticulously researched phishing emails that included an HTML attachment asking the recipient to input their credentials. They could have used that information later to gain access to sensitive networks.
The campaign, which IBM says has “the potential hallmarks” of a state-sponsored effort, cast a wide net. IBM named only one target explicitly — the European Commission’s Directorate-General for Taxation and Customs Union — but said the campaign targeted at least 10 different organizations, including a dev shop that makes websites for pharmaceutical and biotech companies. The company doesn’t know whether any of the attacks ultimately succeeded.
Clearly, this is an evolution of the coronavirus-related cyberattacks we’ve already seen. In June, the UK’s GCHQ security and intelligence agency said hackers had been repeatedly trying to access sensitive data related to the country’s coronavirus response, including work it had done on a COVID-19 vaccine. The fact that hackers are now targeting the cold chain is worrisome. Transporting and storing the vaccines that will help put an end to the pandemic is tricky enough without interference.