Yesterday, IBM’s cybersecurity team issued details about a sophisticated, coordinated hacking campaign to penetrate the vital “cold chain” for the vaccines. The attackers were working to get access to how the vaccine is shipped, stored, refrigerated, and distributed.
In September, I reported on Chinese and Russian
hackers trying to steal vaccine technology. In October, hackers attacked
American hospitals, asking for ransom in many cases. Now the latest discovery finds
hackers interested in the cold chain.
*****
Haier Biomedical, a Chinese company, is perhaps the world’s
only complete cold chain provider. The hackers impersonated a business executive from
Haier and sent phishing emails to organisations connected with the covid-19
cold chain. The email said “we want to place an order with your company”, and
included a draft contract. Haier Biomedical is a reputed and legitimate company
in this business, so most recipients believed the emails. The draft contract
contained malware that would give the hackers access to the network.
*****
This is a well-planned attack with targets chosen systematically
and thoroughly. They included the European customs, something that can impact 27
countries. Energy companies providing solar panels were targeted. The solar
panels would provide power for the cold chain in places where electric supply
is not reliable. The hacking attack was launched in six countries. Along with vaccine
manufacturers, the website, software and internet security solution sectors and UNICEF,
which is planning delivery of vaccines to poorer countries, were also targeted. The
vaccine alliance’s CCEOP (Cold Chain Equipment Optimisation Platform) was a target.
The scale and coordination make security experts believe a state is
behind these attacks. The same experts rule out China, because it is unlikely that
Chinese hackers would impersonate a Chinese company.
*****
What could be the reasons for the hacking?
It could be stealing of useful information – theft of
intellectual property. Criminals may want to illegally obtain a hot black-market
commodity; vaccines are likely to be scarce for at least six months. Ransom is
a popular motive. The hackers can lock up the distribution network, or the
energy supply, and demand a huge sum of money to unlock it.
Or it could be pure evil – disruption and sabotage. A
motive similar to that of those who fly airplanes into tall towers.
Considering the threat, FBI officials also issued a
warning yesterday.
*****
American media mentions North Korea and Russia as
probable suspects, without any proof yet. We may think of North Korea as a
backward nation, but in cyberattacks it is well advanced. It has been blamed for some of the most daring and damaging attacks, including the hacking of emails
from Sony Pictures in 2014, the theft of $81 million from the Central Bank of Bangladesh
in 2016 and the unleashing of the WannaCry ransomware virus in 2017. Russia is a suspect
because there was some evidence in the hacking of vaccines and attacks on the
hospitals.
The attacks on American hospitals continue. Six
hospitals in the Vermont health network were attacked. Griffin Hospital in Derby
had a major ransomware incident. Cyberattacks on America’s health systems have
become a pandemic of their own kind. Why don’t we see many reports? Because
in many cases multimillion-dollar ransoms are demanded. It’s like family members
not going to the media after kidnappers demand money to release hostages. For
fear of losing reputation and patients, hospitals are trying to resolve the
issues without making too much noise about it.
In keeping with his character, Trump has complicated
matters by sacking Christopher Krebs, the director of CISA, the cybersecurity agency
responsible for defending critical systems, including hospitals and elections, against
cyberattacks. Mr Krebs disputed Trump’s absurd claims of voter fraud.
*****
Within the war against the coronavirus, there are several
battles that need to be fought.
Ravi
Wickedness
Frightening stuff. We really are at the mercy of such people