A hacking campaign detected by IBM tried to attack the organizations involved in manufacturing, transporting and storing COVID-19 vaccines last year. Now it has been found to be a much bigger operation than was originally thought.
Nine things to know about the cyberattacks:
- IBM recently discovered an additional 50 files tied to spear-phishing emails that targeted 44 companies in 14 countries across Europe, North America, South America and Asia, according to an April 14 IBM blog post.
- Targets in spear-phishing campaigns at key organizations like warehousing and transportation include CEOs, company presidents, directors of finance and more.
- Attacks against the temperature-controlled supply chain known as the "cold chain" disrupt the already fragile process of shipping vaccines across the country and highlight the dangers of intellectual property theft, according to an April 14 Bloomberg report.
- Phishing emails were sent between Sept. 7 and 9, months before a COVID-19 vaccine was approved. IBM said this indicates the attackers were prepositioning themselves in global infrastructure.
- The email subject and contents discussed requests for quotes of cold chain equipment, a solar-powered vaccine refrigerator and an ice-lined refrigerator.
- The English language used in the email aligned with the expected educational background of the spoofed sender, IBM said.
- IBM continued to uncover similar phishing emails with similar themes and even the same PDF with a login screen prepopulated with the user's email address already as the user ID.
- IBM said it doesn't have clear attribution for the attacks, but it is highly likely that it's part of a nation-state operation.
- IBM did not mention whether the attacks were successful in getting people to log in to the spoofed web pages.