Global efforts to produce and distribute a vaccine against Covid-19 could be threatened by cybercriminals, according to a new IBM study. At the start of the pandemic, IBM Security X-Force created a Threat Intelligence Task Force dedicated to tracking cyber threats against organizations that are part of the vaccine supply chain. While the team has been monitoring the vaccine supply chain for months, they recently uncovered a global phishing campaign targeting organizations associated with a Covid-19 cold chain. The cold chain is a component of the vaccine supply chain that ensures the safe storage of vaccines in temperature-controlled environments during storage and transport. According to IBM's analysis, the calculated operation began in September, covering six countries and specific organizations associated with The Vaccine Alliance's Cold Chain Optimization Platform (CCEOP) Gavi program.
Targeting the Covid-19 Supply Chain
The attacker behind the global phishing campaign began by posing as a business executive at Haier Biomedical, a member company of the Covid-19 vaccine supply chain, as well as a qualified provider for the CCEOP program. Disguised as an employee, the attacker sent phishing emails to organizations considered providers of material support to meet transportation needs within the Covid-19 cold chain. IBM believes that the purpose of the campaign may have been to collect credentials to gain unauthorized access to corporate networks and sensitive information related to vaccine distribution in the future. The attacker's targets included the European Commission's Directorate General for Taxation and Customs, as well as global organizations in Germany, Italy, South Korea, the Czech Republic, Greater Europe and Taiwan. working in the energy, manufacturing, website building, software, and cybersecurity industries. . Spear-phishing emails were sent to sales, purchasing, IT and finance executives who were likely involved in the company's efforts to support a vaccine cold chain. Governments around the world have already warned that foreign entities may attempt to conduct cyber espionage to steal vaccine information, and CISA has issued an alert on the matter encouraging organizations involved in Operation Warp Speed to review the Report of the IBM X-Force Attackers Target COVID-19 vaccine cold chain.