Experts from the US tech firm IBM on Thursday said they had detected a cyberespionage operation to target vital information on a World Health Organization (WHO) initiative for distributing the COVID-19 vaccine.
The cybersecurity researchers said they were not sure who was behind the effort, which began in September. They were also unable to say if it had been successful.
IBM said the precision targeting and techniques used by the hackers to cover their tracks bore "the potential hallmarks of nation-state tradecraft."
The hackers had gone through "an exceptional amount of effort," said IBM analyst Claire Zaboeva, who helped draft the report.
The online intruders had meticulously constructed booby-trapped emails sent in the name of an executive with Haier Biomedical, a Chinese firm that specializes in vaccine transport and biological sample storage.
The hackers had researched the correct make, model, and price of various refrigeration units to make the messages seem authentic, Zaboeva said.
"Whoever put together this campaign was intimately aware of whatever products were involved in the supply chain to deliver a vaccine for a global pandemic," she said.
IBM said the hackers had sent the bogus Haier emails to about 10 different organizations, although it only identified one target by name —the European Commission's Directorate-General for Taxation and Customs Union. The body handles tax and customs issues across the EU and has helped set rules on the import of vaccines.
The campaign's other targets were in countries including Germany, Italy, South Korea, and Taiwan. They appeared to be associated with the development of the "cold chain" needed to ensure coronavirus vaccines get the nonstop sterile refrigeration they need to be effective.
The targets included companies involved in the manufacture of solar panels, used to power vaccine refrigerators in warm countries, and petrochemical products that are used to derive dry ice.
rc/rt (Reuters, AP)