Global Phishing Campaign Targeting COVID-19 Vaccine Distribution Effort

Phishing COVID-19 vaccine

According to a blog posted by International Business Mechanics Corporation (IBM) security researchers, a global phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccine since September 2020.

According to IBM security researchers in a blog post, Claire Zaboeva and Melissa Frydrych, the phishing movement is dominant in mainly six regions across the world which includes, Italy, South Korea, Germany, Czech Republic, Greater Europe and Taiwan.

With each passing day, new results emerge against COVID-19 vaccines and some new developed COVID-19 vaccines need very low temperatures around -70 degrees Celsius in order to remain beneficial.

However, it takes extra hard work and challenges in transportation and storing vaccines. The IBM X-Force IRIS researchers stated that the phishing campaign’s main focus is around these “cold chain” part of the covid-19 vaccine distribution supply chain.

The main organization which is hit by this phishing campaign is Gavi, which is an international vaccine distribution organization. Gavi is also linked with Bill and Melinda Gates Foundation, WHO, UNICEF and many other renowned organizations.

To be very precise, the organization’s Cold Chain Equipment Optimizations Platform (CCEOP) was targeted. The hackers sent phishing emails to the Gavi’s executives by displaying the identity as a representative of Haier Biomedical, a material provider for CCEOP.

In the hacker’s email, the openers sensitive information is stored using HTML attachments, which can be possibly used in the future to get access to the restricted parts of the CCEOP system.

Read more: GoDaddy Employees Unknowingly Assisted Hackers in Cyberattacks

“We assess that the purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution,” the authors say in the blog post.

Furthermore, the authorities are yet to find the source behind the attack, however, the researchers believed that there may be an involvement of any state.

In the meantime, Cybersecurity and Infrastructure Agency (CISA) has already issued warning and alerted the concerned organizations and also suggested to read the report thoroughly.

Furthermore, IBM also recommends COVID vaccine distributors and storage companies to “be vigilant and remain on high alert during this time”.

Most Popular

To Top