Hackers target COVID-19 vaccine cold chain
IBM researchers have discovered that the international supply chain for COVID-19 vaccines is being targeted by hackers.
Specifically targeted is the so-called “cold chain”, which keeps vaccines at the right temperatures during transport so that they don’t degrade.
The attack takes the form of a “global phishing campaign” against organisations providing the cold chain, beginning in September 2020 and spanning across six countries. Attackers impersonated an executive from Haier Biomedical and sent emails to other organisations to “harvest credentials”
In , Claire Zaboeva, Senior Strategic Cyber Threat Analyst, IBM, said: “While firm attribution could not be established for this campaign, the precision targeting of executives and key global organizations hold the potential hallmarks of nation-state tradecraft.” She went on to say: “IBM Security X-Force urges companies in the COVID-19 supply chain — from research of therapies, healthcare delivery to distribution of a vaccine — to be vigilant and remain on high alert during this time.”
The news comes as the UK became the first country in the world the Pfizer/BioNTech vaccine for use, with 800,000 doses on their way. That vaccine is precisely the type supported by the cold chain, as it needs to be stored at -70C, highlighting the need for cyber security as the vaccine rollout begins.
Chris Ross, SVP Sales, International, Barracuda Networks, commented: “Phishing scams have surged since the outbreak of Covid-19 and the UK’s first national lockdown, with our recent data showing that spear-phishing campaigns have been disproportionately targeting schools and Universities since the start of the pandemic. However, this is the first time that a significant phishing campaign has been used on a global scale to disrupt the progress of our battle with the coronavirus – this issue must be taken extremely seriously by all afflicted targets and organisations who have anything to do with the logistics, transport or distribution of the vaccine, who may have already been breached, and do not yet know it.”
Confluent announces new private cloud building platform
Confluent, a platform that sets data in motion, today announced Confluent for Kubernetes, the first platform purpose-built to bring cloud-native capabilities to data streams in private infrastructures.
Confluent for Kubernetes allows platform teams to bring much of the same cloud-native experience found within Confluent Cloud to their self-managed environments while enabling operations teams to retain control of their data and infrastructure. As a cloud-native solution, Confluent for Kubernetes helps achieve faster time-to-value and reduce operational burdens with a fully elastic and scalable cloud-native experience in private infrastructure.
“To compete in the digital realm, organisations need to quickly deliver personalised customer experiences and real-time operations, which are only possible with access to data from all environments and cloud-native advantages,” said Ganesh Srinivasan, Chief Product and Engineering Officer, Confluent.
“For organisations that need to operate on-premises, we’re bringing the benefits of cloud computing to their private infrastructure with Confluent for Kubernetes. Now, any company can build a private cloud service to move data across their business regardless of its environment.”
How can Confluent for Kubernetes help?
Organisations who are transitioning to the cloud or who need to keep workloads on-premises can use Confluent for Kubernetes’ cloud-native capabilities, including a declarative API to deploy and operate Confluent. According to the company, the platform also makes moving applications to the public cloud easier by ‘seamlessly migrating workloads to wherever your business needs them with the ability to connect and share data with Confluent Cloud’.
Enhanced reliability – As a cloud-native system, Confluent for Kubernetes detects if a process fails and will automatically restart processes or reschedule as necessary. Automated rack awareness spreads replicas of a partition across different racks, improving the availability of your brokers and limiting the risk of data loss.
Automated elasticity – Meet changing business demands with the ability to scale up using API-driven operations. The platform will automatically generate configurations, schedule and run new broker processes, and ensure data is balanced across brokers so that clusters can be efficiently utilised.
Simplified infrastructure management – Confluent for Kubernetes extends the Kubernetes API, enabling organisations to define the desired high-level state of clusters rather than manage all the low-level details. This infrastructure-as-code approach reduces the operational burden and achieves a faster time to value, while enhancing security with standards that can be easily and consistently deployed across an organisation.