2 min read

Cyber Criminals Tried to Access COVID-19 Vaccine "Cold Chain"

Silviu STAHIE

December 03, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Cyber Criminals Tried to Access COVID-19 Vaccine "Cold Chain"

The COVID “cold chain” is now under attack, likely by a nation state, although the identity of the threat actors remains unknown, according to an IBM report.

Since the research into the pandemic began, threat actors have been trying to either hamper efforts into finding a cure or trying to steal precious research data. Over the course of 2020, numerous attacks on pharmaceutical companies and research laboratories have been thwarted, and it looks like this new attempts follows the same lines.

The cold chain is a component of the vaccine supply chain that preserves vaccines in temperature-controlled environments during storage and transportation.

Security researchers from IBM discovered a complex phishing campaign directed at the Cold Chain Equipment Optimisation Platform (CCEOP) of Gavi, the international vaccine alliance, according to a BBC report.

“The adversary impersonated a business executive from Haier Biomedical, a credible and legitimate member company of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP program,” said IBM. “The company is purportedly the world”s only complete cold chain provider. Disguised as this employee, the adversary sent phishing emails to organizations believed to be providers of material support to meet transportation needs within the COVID-19 cold chain.”

The attackers went after the European Commission”s Directorate-General for Taxation and Customs Union, along with organizations within the energy, manufacturing, website creation and software and internet security solutions sectors.

The goal of the attack was to gather credentials that would allow much wider access to the research and other transport infrastructure data.

“The adversary could gain insight into internal communications, as well as the process, methods and plans to distribute a COVID-19 vaccine,” according to the report. “This includes information regarding infrastructure that governments intend to use to distribute a vaccine to the vendors that will be supplying it. However, beyond critical information pertaining to the COVID-19 vaccine, the adversary”s access could extend deeper into victim environments.”

The Cybersecurity and Infrastructure Security Agency (CISA) has already warned of possible campaigns using this exact vector, and the threat actors will likely continue to try and gather credentials and research data.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Common Credentials Criminals Use in IoT Dictionary Attacks Revealed Common Credentials Criminals Use in IoT Dictionary Attacks Revealed
Silviu STAHIE

November 30, 2021

3 min read
Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown
Filip TRUȚĂ

November 29, 2021

2 min read
Social media firms will be forced to unmask online trolls, says Australia Social media firms will be forced to unmask online trolls, says Australia
Graham CLULEY

November 29, 2021

2 min read