Cybercriminals have leveraged the COVID-19 pandemic to stage various forms of cyberattacks, from ransomware takeovers of hospital systems to private network hacking. In a recent assessment, IBM cybersecurity analysts uncovered an email phishing scheme targeting global coronavirus vaccine supply chains. The tech giant urged cold-chain organizations to remain ‘vigilant.’ In this article at Security Intelligence, Claire Zaboeva and Melissa Frydrych share details of IBM Security X-Force’s report of phishing attacks.
What Does the Assessment Say?
According to the IBM report, the threat actor impersonated a business executive from Haier Biomedical, a member of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP program. The report reveals that the cybercriminal strategically chose to impersonate Haier Biomedical because the organization is purported to be the world’s only complete cold-chain provider.
Why Cold-Chain Organizations?
Cold-chain organizations play a crucial role in the vaccine supply chain by ensuring the safe preservation of vaccines in temperature-controlled environments during their storage and transportation. The purpose of this campaign was to harvest credentials and gain future unauthorized access. This unauthorized access allows the adversary to gain insight into internal communications and into the process, methods, and plans for distributing the COVID-19 vaccine.
Was the Campaign Successful?
The calculated operation targeting cold-chain organizations started in September. IBM’s research does not make clear whether the phishing campaign was successful. However, given the unparalleled speed at which the vaccine is produced and transported globally through the supply chain, there is an increased probability that ‘the intended targets may engage with the inbound emails without questioning the sender’s authenticity,’ the report states.
The IBM report states that some governments have already warned healthcare organizations about an increasing number of pandemic-related cyberattacks that attempt to steal sensitive vaccine information. IBM had earlier uncovered similar phishing attacks in June on the medical protective gear supply chain.