Cyber Security

COVID Vaccine Supply Chain Is Now the Target

Cybercriminals have leveraged the COVID-19 pandemic to stage various forms of cyberattacks, from ransomware takeovers of hospital systems to private network hacking. In a recent assessment, IBM cybersecurity analysts uncovered an email phishing scheme targeting global coronavirus vaccine supply chains. The tech giant urged cold-chain organizations to remain ‘vigilant.’ In this article at Security Intelligence, Claire Zaboeva and Melissa Frydrych share details of IBM Security X-Force’s report of phishing attacks.

What Does the Assessment Say?

According to the IBM report, the threat actor impersonated a business executive from Haier Biomedical, a member of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP program. The report reveals that the cybercriminal strategically chose to impersonate Haier Biomedical because the organization is purported to be the world’s only complete cold-chain provider.

Why Cold-Chain Organizations?

Cold-chain organizations play a crucial role in the vaccine supply chain by ensuring the safe preservation of vaccines in temperature-controlled environments during their storage and transportation. The purpose of this campaign was to harvest credentials and gain future unauthorized access. This unauthorized access allows the adversary to gain insight into internal communications, the process, methods, and plans to distribute the COVID-19 vaccine.

Was the Campaign Successful?

The calculated operation targeting cold-chain organizations started in September. IBM’s research is unclear if the phishing campaign was successful. However, given the unparalleled speed at which the vaccine is produced and transported globally through the supply chain, there is an increased probability that ‘the intended targets may engage with the inbound emails without questioning the sender’s authenticity,’ cites the report.

The IBM report states that some governments have already warned healthcare organizations about an increasing number of cyberattacks related to the pandemic, attempting to steal sensitive vaccine information. IBM had earlier uncovered similar phishing attacks in June on the medical protective gear supply chain.

Are you curious to learn more about the report? Click on

Show More

Nivedita Gopalakrishna

Nivedita Gopalakrishna is currently working as a Content Specialist with CAI. She has more than eight years of experience in blogging, copywriting, and ghost-writing. Nivedita started her career as a reporter/sub-editor in one of the reputed newspaper organizations in India. She went on to pursue her career as a content analyst in an Indian-based company, Brickwork India Pvt Ltd. Nivedita has assisted several overseas clients with SEO-friendly content for B2C copies, blogs, product descriptions, newsletters, sales letters, e-books, and research papers. When she is not at her computer, you can find her either reading vintage novels or singing Indian classical music.

Back to top button

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.