#Phishing ploy targets COVID-19 vaccine distribution effort

IBM security researchers say they have detected a cyberespionage effort using targeted phishing emails to try to collect vital information on the World Health Organization’s initiative for distributing COVID-19 vaccine to developing countries.

The researchers said they could not be sure who was behind the campaign, which began in September, or if it was successful. But the precision targeting and careful efforts to leave no tracks bore “the potential hallmarks of nation-state tradecraft,” they said in “cold chain” needed to ensure coronavirus vaccines get the nonstop sterile refrigeration they need to be effective for the nearly 3 billion people who live where temperature-controlled storage is insufficient, IBM said.

“Think of it as the bloodline that will be supplying the most vital vaccines globally,” said Claire Zaboeva, an IBM analyst involved in the detection.

Whoever is behind the operation could be motivated by a desire to learn how the vaccines are best able to be shipped and stored—the entire refrigeration process—in order to copy it, said Nick Rossmann, the IBM team’s global threat intelligence lead. Or they might want to be able to undermine a vaccine’s legitimacy or launch a disruptive or destructive attack, he added.

In the ploy, executives with groups likely associated with the initiative known as Microsoft said it had detected mostly unsuccessful attempts by state-backed Russian and North Korean hackers to steal data from leading pharmaceutical companies and vaccine researchers. It gave no information on how many succeeded or how serious those breaches were. Chinese state-backed hackers have also targeted vaccine makers, the U.S. government said in announcing criminal charges in July.

Microsoft said most of the targets—located in Canada, France, India, South Korea and the United States—were researching vaccines and COVID-19 treatments. It did not name the targets.

On Wednesday, Britain became the first to country to authorize a rigorously tested COVID-19 vaccine, the one developed by American drugmaker Pfizer and Germany’s BioNTech.

Other countries aren’t far behind: Regulators not only in the U.S. but in the European Union and Canada also are vetting the Pfizer vaccine along with a shot made by Moderna Inc. British and Canadian regulators are also considering a vaccine made by AstraZeneca and Oxford University.

The logistical challenges of distributing vaccines globally are huge. The Pfizer-BioNTech one must be stored and shipped at ultra-cold temperatures of around minus 70 degrees Celsius (minus 94 degrees Fahrenheit).

© 2020 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.