The COVID-19 vaccine campaign has the components of a state-sponsored attack.
Cybercriminals are targeting the COVID-19 vaccine supply chain, and if successful they could destroy cargo loads of the life-saving vaccines.
That’s according to IBM Security X-Force’s latest threat research. It discovered a campaign against the COVID-19 vaccine cold chain.
Pfizer and Moderna have announced promising results from their COVID-19 vaccine trials. Therefore, countries are initiating the process of distributing vaccines. However, these vaccines rely on temperature-controlled environments, also known as the cold chain, for distribution.
IBM Security X-Force discovered a targeted operation against the COVID-19 vaccine cold chain that supports the Gavi Alliance and UNICEF’s efforts to safely transport a vaccine to underdeveloped regions. Moreover, these regions rely on external aid to store their medicines in temperature-controlled environments.
Claire Zaboeva is senior cyber threat analyst with IBM Security X-Force.
“The COVID-19 cold chain represents a new kind of global critical infrastructure,” she said. “If damaged or disrupted, it is possible cargo loads of life-saving vaccines could be destroyed.”
Malicious actors sought to harvest credentials, likely to gain illegal access to targeted environments, Zaboeva said. Should they gain a presence on the system, they may carry out a multitude of attacks. Those range from collecting sensitive or critical information to conducting disruptive or destructive attacks.
“The compromise of any of the targeted organizations, which maintain direct ties to multiple national government networks associated with trade and regulation, may serve as a single point of compromise impacting multiple downstream targets,” she said.
According to IBM Security X-Force’s research:
“All security providers worldwide will need to collaborate in defending this emerging infrastructure,” Zaboeva said. “Likewise, at the corporate level, companies need to cultivate a culture of cyber awareness, one that includes an active security posture that has a practiced incident response plan in place.”
Zaboeva offers the following suggestions for targeted organizations:
It’s very possible this is just the start of attacks on the COVID-19 vaccine supply chain as initial distribution nears, Zaboeva said.
“Given global demand for a life-saving vaccine, it is highly likely advanced insight into the secure cold chain transport underpinning the worldwide distribution of vaccines represents a continuing high-value target for both state-sponsored threats and independent cybercriminals,” she said.
Twenty universities globally have been subject to phishing campaigns since July, according to RiskIQ’s “Shadow Academy” report.
The attacks are similar to those of the Iranian company Mabna Institute, which illegally gains access to non-Iranian scientific resources through computer intrusions.
RiskIQ has named the actors identified during this research as “Shadow Academy.”
Among the key findings:
Many college campuses began releasing timelines for traditional on-campus operations in July, RiskIQ said. Research suggests that Shadow Academy actors timed the development of malicious infrastructure to take advantage of back-to-school chaos.
Universities have been a historically lucrative attack landscape for attackers such as Silent Librarian and w4coders. They knowingly take advantage of overwhelmed IT staff during the start of the school year.
Cory Kennedy is a threat researcher for RiskIQ. He said the attackers are typically attempting credential theft.
“Targeting students with Netflix phishing campaigns may…