Cyber-Criminals Target #COVID19 Vaccine

Cybersecurity analysts at IBM are urging cold-chain companies to be "on high alert" after discovering a spear-phishing scheme that targets global COVID-19 vaccine supply chains.

IBM Security X-Force created a threat intelligence task force dedicated to tracking down COVID-19 cyber-threats back when the current coronavirus outbreak exploded into a full-blown pandemic.  

Today the team announced that they had detected a global phishing campaign targeting organizations associated with the task of keeping coronavirus vaccines safely preserved at the correct temperature during storage and transportation.

The malicious campaign was launched in September 2020, striking at organizations in six different countries. Targeted organizations are likely associated with Gavi, the Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) program.

While IBM's team was unable to definitively say who was behind the campaign, researchers observed the lack of an obvious cash-out from the scheme and said the precision targeting of executives and key global organizations "hold the potential hallmarks of nation-state tradecraft."

Threat actors impersonated a business executive from Chinese company Haier Biomedical that is purportedly the only complete cold chain provider in the entire world. Haier, which is based in Qingdao, is a qualified supplier for the CCEOP program and a member company of the COVID-19 vaccine supply chain.

"Disguised as this employee, the adversary sent phishing emails to organizations believed to be providers of material support to meet transportation needs within the COVID-19 cold chain," wrote researchers. 

"W ..

Support the originator by clicking the read the rest link below.