Security News > 2020 > December > State-Sponsored Hackers Likely Behind Attacks on COVID-19 Vaccine Cold Chain
An unknown threat actor that is likely sponsored by a nation state is believed to be behind a recent phishing campaign targeting the COVID-19 vaccine cold chain, IBM Security reported on Thursday.
The targets appear to be associated with the Cold Chain Equipment Optimization Platform of Gavi, the Vaccine Alliance, whose main goal is to improve access to vaccines in poor countries.
The attacks observed by IBM involved phishing emails apparently coming from an executive at Haier Biomedical, a Chinese firm that is qualified for the CCEOP program and which is said to be the only complete cold chain solutions provider in the world.
"However, the established role that Haier Biomedical currently plays in vaccine transport, and their likely role in COVID-19 vaccine distribution, increases the probability the intended targets may engage with the inbound emails without questioning the sender's authenticity," IBM Security explained in a blog post.
"Likewise, insight into the transport of a vaccine may present a hot black-market commodity advanced insight into the purchase and movement of a vaccine that can impact life and the global economy is likely a high-value and high-priority nation-state target."
News URL
Related news
- Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)
- Apple stops warning of 'state-sponsored' attacks, now alerts about 'mercenary spyware' (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks (source)
- Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks (source)
- State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage (source)
- REvil hacker behind Kaseya ransomware attack gets 13 years in prison (source)
- Kimsuky hackers deploy new Linux backdoor in attacks on South Korea (source)