Report: Cyber actors targeting COVID-19 vaccine supply chain

Dec 04, 2020 - 03:10 PM
Cybersecurity Lock on Gold Wall

The Cybersecurity and Infrastructure Security Agency yesterday alerted organizations to a global phishing and spearphishing campaign targeting the COVID-19 vaccine cold chain, the part of the supply chain used to store and transport a vaccine at safe temperatures. According to an IBM X-Force report, cyber actors impersonating a biomedical company have sent emails to executives and global organizations involved in COVID-19 vaccine storage and transport to harvest credentials. The emails have posed as requests for quotations to participate in a vaccine program. CISA encourages organizations to review the report for more information.

John Riggi, AHA senior advisor for cyber and risk, said, “This alert demonstrates the need to remain vigilant and educate staff of the perils of phishing emails, the number one attack vector by cyber adversaries, because frankly it works and is fairly simple. However, the impact of clicking on a phishing email in the context of vaccine distribution could have broad public health implications.”

For more on cybersecurity and risk issues, hospital and health system leaders may contact Riggi at jriggi@aha.org.

Related News Articles

Headline
NIST says critical vulnerability found in 7-Zip archiving software
A critical vulnerability has been identified in 7-Zip, a free software program used for archiving data, according to the National Institute of Standards and…
Headline
Agencies release guide to protect against bulletproof hosting provider cybercrimes 
U.S. and international agencies Nov. 19 released a guide on mitigating potential cybercrimes from bulletproof hosting providers. A BPH provider is an internet…
Headline
CDC data shows rise in flu, COVID-19 cases across states 
Flu cases are growing or likely growing in 39 states, according to the latest Centers for Disease Control and Prevention data from Nov. 11. COVID-19…
Headline
Agencies release updated guidance to combat Akira ransomware following recent attacks
A joint advisory issued yesterday by U.S. and international agencies provides updated guidance to defend against the Akira ransomware group, which…
Headline
Agencies release guidance on Microsoft Exchange server best practices
The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners released joint guidance Oct. 30 on best practices for…
Headline
Recall issued for mislabeled potassium chloride
The Food and Drug Administration yesterday published an announcement from Otsuka ICU Medical saying that the company issued a voluntary recall for a mislabeled…