Security News > 2021 > April > Phishing attack ramps up against COVID-19 vaccine supply chain

In a new report, X-Force said it recently discovered a series of phishing emails targeting 44 companies across 14 countries, all involved in the coronavirus vaccine cold chain, an aspect of the overall supply chain that ensures the safety of vaccines transported and stored in cold environments.
Seen last September, the phishing campaign deploys emails spoofing a business executive from Haier Biomedical, a legitimate member company of the COVID-19 vaccine supply chain and reportedly the world's only complete cold chain provider.
Lance Whitney: Why are cybercriminals interested in disrupting the COVID-19 vaccine supply chain?
Mike Puglia: Cybercriminals are motivated to disrupt the vaccine supply chain for the same reason that motivates most cybercrime: money.
Lance Whitney: Are there aspects of the vaccine supply chain that are most vulnerable? If so, what are the largest vulnerabilities?
Lance Whitney: What can organizations that are part of the vaccine supply chain do to prevent a cyberattack? What can they do to mitigate the damage if they are attacked?
News URL
Related news
- Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- North Korea targets crypto developers via NPM supply chain attack (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)