COVID-19 vaccine ‘cold chain’ target of cyber attacks

Updated Dec 6, 2020

The federal Cybersecurity and Infrastructure Security Agency reports efforts are being made to gain illicit access to the distribution chain of COVID-19 vaccines.

The agency today said IBM X-Force released a report on “malicious cyber actors targeting the COVID-19 cold chain — an integral part of delivering and storing a vaccine at safe temperatures.” The IBM report said those so-called “cyber actors” are impersonating a biomedical company, and are sending phishing and spearphishing emails to executives and global organizations involved in vaccine storage and transport to harvest account credentials. The emails have been posed as requests for quotations for participation in a vaccine program.

IBM says the campaign was uncovered by a security team it set up at the start of the COVID-19 pandemic to track possible cyber-threats.

The BBC reports, “The attackers’ identity is unclear — but IBM said the sophistication of their methods indicated a nation state.”

The CISA said it encourages Operation Warp Speed organizations and organizations involved in vaccine storage and transport to review the IBM X-Force report Attackers Are Targeting the COVID-19 Vaccine Cold Chain for more information, including indicators of compromise.

For tips on avoiding social engineering and phishing attacks, see CISA Insights: Enhance Email & Web Security.