We’ve talked before on this blog about COVID-19 related scams — particularly phishing scams — and what to look out for to protect yourself. The latest threat, which IBM uncovered, is of enormous concern because of its sheer scale and its target. This wasn’t just an attempt at petty fraud; this was an attempt to disrupt the COVID-19 vaccine cold supply chain.
For those who aren’t in the know, the cold supply chain is the part of the vaccine supply chain that preserves vaccines in temperature-controlled environments. At the beginning of the pandemic, the IBM Security X-Force created a task force specifically dedicated to finding any threats targeting organizations related to the vaccine supply chain worldwide. This latest threat against the cold supply chain was a phishing campaign targeting six countries: Germany, Italy, South Korea, Czech Republic, greater Europe, and Taiwan. The European Commission’s Directorate-General for Taxation and Customs Union was also targeted.
How the phishing attack played out
The malicious actors behind the attack targeted organizations in these countries through email by impersonating a business executive from Haier Biomedical, a Chinese company involved in the COVID-19 cold supply chain, and, significantly, the world’s only complete vaccine cold chain provider. The attackers sent emails to executives likely involved in the vaccine cold supply chain, working in sales, procurement, information technology, and finance. They also targeted support and help pages of some organizations’ websites.
IBM believes that the phishing campaign may have been an attempt to harvest credentials, possibly to gain further access to corporate networks and information regarding COVID-19 vaccine distribution. IBM Security X-Force has notified the targets and urges governments and organizations in charge of the vaccine’s storage and transport to be extra vigilant in the coming months.
While the multinational tech giant hasn’t yet uncovered who specifically was behind the attacks, IBM says that the types of attacks carried out, as well as the status of those who were targeted, suggests “potential hallmarks of nation-state tradecraft”. In other words, state actors with access to sensitive information.
You can find more details about the phishing scheme on the IBM website.
The sheer scale of this attack is a stark reminder that phishing is not something that should be taken lightly. With such high-scale, important targets, it’s a reminder that these kinds of attacks can be quite sophisticated and not always so easy to spot. To protect yourself online, you must know what to look out for if you suspect that you’re the target of an online scam. Our piece on the rise of cybercrime during the coronavirus is a helpful place to start.