During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign targeting a German multinational corporation (MNC), associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutzausrüstung). The group has been commissioned to use their international contacts and expertise to obtain personal protective equipment (PPE) such as face masks and medical gear, particularly from China-based supply and purchasing chains.
IBM X-Force IRIS’ research indicates that the threat actors behind this campaign targeted more than 100 high ranking executives in management and procurement roles within this organization and its third-party ecosystem. Given the extensive targeting observed of this supply chain, it’s likely that additional members of the task force could be targets of interest in this malicious campaign, requiring increased vigilance. IBM X-Force IRIS has notified CERT BUND about this activity to further ensure members are aware.
This discovery represents a precision-targeting campaign exploiting the race to secure essential PPE. Based on our analysis, attackers likely intended to compromise a single international company’s global procurement operations, along with their partner environments devoted to a new government-led purchasing and logistics structure.
Targeting New Medical Equipment Procurement Structures
On 30 March 2020, German government officials met with several top German MNCs to establish new ‘framework agreements’ to commission these nine companies to leverage their access to foreign mar ..
Support the originator by clicking the read the rest link below.
