Security News > 2020 > December > Crooks posing as COVID-19 'cold chain' company phished EU for vaccine intel, says IBM

An unidentified group of malicious sorts impersonated a so-called "Cold chain" company involved in COVID-19 vaccine distribution networks then targeted an EU governmental agency, according to IBM. Infosec researchers from Big Blue's X-Force threat intelligence unit "Uncovered targets across multiple industries, governments and global partners" involved in setting up the vaccine cold chain, it said in a blog post today.

The phishing campaign's operators reportedly posed as an executive from the Chinese arm of Haier Biomedical, a business IBM described as "a credible and legitimate member company of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP program."

CCEOP stands for Cold Chain Equipment Optimization Platform, an initiative to make sure there are enough fridges and refrigerated transport available between vaccine factories and vaccination sites.

Chris Ross, a Barracuda Networks veep, opined: "The purpose of today's concerted attack on the COVID vaccine supply 'cold chain' is likely to acquire leverage in a multimillion-pound ransomware attempt, to sell key data on the 'black market' to the highest international bidder, or, quite simply, to disrupt the UK's standing as the first country in the world to start vaccinating its citizens on a mass scale."

While IBM has not attributed the phishing campaign to any country or known hacking crew, it would be unusual for an intelligence-gathering campaign impersonating a Chinese company - even the Western divisions of a Chinese company - to originate from the West.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/12/03/ibm_phishing_covid/