Spear phishing attacks trying to disrupt COVID-19 vaccines

In the last few weeks we have seen numerous good news stories about the availability of effective vaccines for the COVID-19 virus. The Pfizer/BioNTech vaccine was approved for use in the UK this week, with millions of the vaccines due to be delivered over the next few months.

The headlines are all positive but the real hard work now needs to be focused on the logistics of getting the vaccines from the manufacturing facilities into the hands of the health professionals and consequently being able to vaccinate the population.

However, it has been reported by IBM that this supply chain network has been targeted by cyber criminals through a number of actions including Spear Phishing, which is defined as a targeted approach to one source or person to try to compromise secure details. In this case IBM say that the focus is specifically on the “cold chain” – the logistics of keeping the vaccines at the right temperatures whilst in transit.

IBM have tracked a number of attempts to gain unauthorised access to parts of the supply chain, with one particular attack using phishing emails that appears as if it is from a genuine Chinese company who are part of the Cold Chain Equipment Optimisation Platform of Gavi (CCEOP) – a global organisation set up to facilitate the safe distribution of vital medicines, including vaccines, across the globe. Emails will be sent to organisations who need to work with CCEOP trying to entice them to share confidential details or asking them to log onto bogus websites that could be hosting malicious content such as malware, ransomware and spyware.

There is a danger that illegitimate third parties could not only be looking at ways in which they can disrupt the distribution of legitimate vaccines but also insert fake items into that supply chain. The issue of fake medicines is a huge headache for governments across the world – an illicit industry estimated to be worth USD$4.4 billion according to a recent report by the Organization for Economic Cooperation and Development (OECD) and the European Union Intellectual Property Office (EUIPO). Any threat of fake medicines being in the supply chain would be devastating.

We have to be thankful of organisations like IBM who continue to monitor attempts to disrupt the journey of the vaccine and the hope that billions of people around the globe have for the protection against this deadly virus.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s