Thursday

6th Oct 2022

Corona-hackers targeted EU officials with bogus emails

  • EU Commission HQ in Brussels: institutions are frequent target of state-sponsored attacks (Photo: European Commission)

Hackers, likely linked to a foreign state, have targeted the EU Commission with bogus emails to steal secrets on Covid-19 vaccines, according to US tech firm IBM.

The sting began in September 2020 and the "adversary impersonated a business executive from Haier Biomedical, a credible and legitimate member company of the Covid-19 vaccine supply chain and qualified supplier for the CCEOP programme," IBM said on Thursday (3 December).

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

  • Covid-19 vaccine is potential goldmine for malign actors (Photo: gsk.com)

Haier Biomedical is a Chinese firm that deals with refrigeration of vaccines in storage and transport.

The Cold Chain Equipment Optimisation Platform (CCEOP) is a UN-linked group in which private companies and public institutions work together to distribute drugs.

The fake executive, using the address yongbinxu@haierbiomedical.com, sent emails to people containing "malicious" links, which, when clicked, prompted the reader to disclose personal credentials.

Targets included EU officials in a commission department in Brussels dealing with customs and tax, who "could serve as a single point of compromise impacting multiple high-value targets across the 27 member states of the European Union and beyond," IBM said.

Targets also included staff in a German website-development company in the CCEOP, as well as other personnel in "sales, procurement, information technology, and finance positions" in "organisations within the energy, manufacturing, website creation, and software and internet security solutions" sectors in the Czech republic, Italy, and in what IBM called "greater Europe".

Organisations in South Korea and Taiwan also came under attack.

The idea was to use stolen information "to gain future unauthorised access to corporate networks and sensitive information relating to Covid-19 vaccine distribution," the US tech firm added.

IBM could not say who did it, but the signs "pointed to nation-state activity", it said.

The stolen data could also be "a hot black-market commodity", it added.

It was "unclear" if the attacks were successful, it noted.

But given that Haier Biomedical, the fake cover for the cyber-assaults, was so well-known in the vaccine-transport sector, it was probable "intended targets may engage with the inbound emails without questioning the sender's authenticity," IBM said.

The warning came as EU countries prepared to roll out massive corona-vaccination programmes in early 2021.

The EU has set aside €2 billion in its next budget to help defend commercial secrets in the single market from hackers, amid growing awareness of the threat.

EU institutions are frequently targeted by sophisticated villains.

"The majority of discovered, successful compromises of information in the GSC [general secretariat of the council] are from threat source level VERY HIGH (e.g. state-sponsored attacks)," according to an internal security document from the EU Council, which prepares member states' meetings in Brussels, seen by EUobserver.

'Scientific potential'

The EU, in July, stigmatised China, North Korea, and Russia as the world's worst culprits in its first-ever round of sanctions against cyber-crimes.

The UK, also in July, said Russian hackers had targeted Covid-19 researchers in Britain, Canada, and the US.

And China has been suspected of using more old-fashioned espionage to steal vaccine science in Belgium.

But speaking to EUobserver back in 2012, Alain Winants, the then head of the Belgian domestic intelligence service, the Dienst voor de Veiligheid van de Staat, said that, when it came to economic secrets, everybody was in on the act.

"It would be naive to think that only countries like Russia, China, Iran are spying [against the EU]," he said.

"There is one field where the difference between neutral, friendly, and unfriendly [intelligence] services tends to disappear and that's when you're talking about the protection of economic and scientific potential. In this case, I think every service is in competition with the others," Winants said.

Interview

Lithuania bids to host EU cyber-centre

Lithuania wants a new EU cyber-security centre to hang its flag in a historic TV tower in Vilnius, on one of Europe's modern front lines.

Cybercrime rises during coronavirus pandemic

Cybercrime and cyberattacks have increased due to the coronavirus outbreak. As a result, the World Health Organization, hospitals and research centres are being targeted by organised cybercriminals - searching for information, intelligence, and systems access.

Feature

Italy's mafias - boosted by Covid, now eyeing EU's billions

Italy's various mafias are allegedly exploiting the chaos caused by the Covid-19 emergency to infiltrate even deeper into sectors where they are already present, such as healthcare, mortuary services, and waste disposal (both medical and non-medical).

Opinion

The Greek Watergate

In the European Parliament hearing into espionage against Greek politicians and reporters, the spied-upon journalists recounted their experiences — but the non-answers provided by the Greek government official were embarrassing, confrontative, and institutionally vacant.

Investigation

NSO surveillance rival operating in EU

As European Parliament hearings into hacking scandals resume this week, an investigation led by Lighthouse Reports with EUobserver, Der Spiegel, Domani and Irpimedia reveals the unreported scale of operations at a shady European surveillance outfit.

News in Brief

  1. Thousands of Hungarian students and teachers protest
  2. Swedish MEP cuts hair mid-speech to support Iran women
  3. Danish general election called for 1 November
  4. Slovenia legalises gay marriage, adoption
  5. Russia's stand-in EU ambassador reprimanded on Ukraine
  6. France warns over incoming eighth Covid wave
  7. EU adds Anguilla, Bahamas and Turks and Caicos to tax-haven blacklist
  8. Czechs warn joint-nationality citizens in Russia on mobilisation

Stakeholders' Highlights

  1. Obama FoundationThe Obama Foundation Opens Applications for its Leaders Program in Europe
  2. The European Association for Storage of EnergyRegister for the Energy Storage Global Conference, held in Brussels on 11-13 Oct.
  3. EFBWW – EFBH – FETBBA lot more needs to be done to better protect construction workers from asbestos
  4. European Committee of the RegionsThe 20th edition of EURegionsWeek is ready to take off. Save your spot in Brussels.
  5. UNESDA - Soft Drinks EuropeCall for EU action – SMEs in the beverage industry call for fairer access to recycled material
  6. Nordic Council of MinistersNordic prime ministers: “We will deepen co-operation on defence”

Latest News

  1. EU wants to see US list on Russia financing of politicians
  2. Putin's twin aim: to break Ukraine and West's consensus
  3. Putin's diamond firm off the hook in EU sanctions
  4. The Iranian regime's expiration date
  5. Let's end Bulgaria and Romania's 11-year Schengen purgatory
  6. EU debates new pandemic-type loans to deal with crisis
  7. MEPs condemn EU Commission 'leniency' on Hungary
  8. Czech EU presidency wants asylum pledges to be secret

Stakeholders' Highlights

  1. EFBWW – EFBH – FETBBConstruction workers can check wages and working conditions in 36 countries
  2. Nordic Council of MinistersNordic and Canadian ministers join forces to combat harmful content online
  3. European Centre for Press and Media FreedomEuropean Anti-SLAPP Conference 2022
  4. Nordic Council of MinistersNordic ministers write to EU about new food labelling
  5. Nordic Council of MinistersEmerging journalists from the Nordics and Canada report the facts of the climate crisis
  6. Council of the EUEU: new rules on corporate sustainability reporting

Join EUobserver

Support quality EU news

Join us