8266337488?profile=RESIZE_400xAs the Covid virus marches on, many are seeing the light at the end of the tunnel.  Each day brings us a little closer to the approval and distribution of COVID-19 vaccines in the US, UK and close in many other countries.  According to the US Health and Human Services (HHS) Secretary Alex M. Azar II, officials with Operation Warp Speed (OWS) report that 20 million doses of the COVID-19 vaccine could be distributed this month.  ”We are planning to be ready when [an emergency-use authorization by the Food and Drug Administration (FDA) is approved; and when the final decision comes through, distribution to the American people becomes immediate within 24 hours.  That’s our goal. That’s what we’re striving for,” said OWS Chief Operating Officer General Perna.

UK citizens are also set to receive shots of a vaccine created by Pfizer and the German company BioNTech, which began on the 8th of December.  The UK is the first Western country to issue approval for emergency use.  Other countries, such as Indonesia, will soon begin vaccinations as well.  Indonesia just received its first shipment of 1.2 million doses from China’s Sinovac Biotech Ltd.

While arrival of these vaccines is a relief, it is also an especially critical moment for those working to create, transport and distribute the vaccines.  A key component of vaccine distribution is the cold storage supply chain, which keeps vaccines within recommended temperature ranges from the point of manufacture to the point of administration.

Earlier this week, IBM warned of a global spear-phishing campaign which is targeting the COVID-19 cold chain.  Organizations targeted were likely associated with Gavi (the Global Alliance for Vaccines and Immunization), a global vaccine alliance that brings together public and private sectors with the shared goal of creating equal access to new and underused vaccines for children living in the world’s poorest countries.  These cyber-attacks are targeting six countries and included the European Commission’s Directorate-General for Taxation and Customs Union, as well as organizations within the energy, manufacturing, website creation, and software and internet security solutions sectors. Malicious hackers are sending emails posing as a biomedical company to executives to harvest credentials for wider network access.

While it is currently unknown who is behind the attacks, the IBM report says that, “the precision targeting and nature of the specifically targeted organizations potentially point to nation-state activity.”  In response to this news, the US Department of Homeland Security - Cybersecurity and Infrastructure Security Agency (CISA) is encouraging organizations involved in OWS and with vaccine storage and transportation to review the IBM report for more information, including indicators of compromise.  The CISA provides security tips on avoiding social engineering and phishing attacks.[1]

Red Sky Alliance has been tracking cyber criminals for years.  Throughout our research we have painfully learned through our clients that the installation, updating and monitoring of firewalls, cyber security and proper employee training are keys to success, yet woefully not enough.  Our current tools provide a valuable look into the underground, where malware like all the different variants of malware are bought and sold, and help support current protections with proactive underground indicators of compromise.  Please feel free to contact our analyst team for research assistance and Cyber Threat Analysis for your organization.

Red Sky Alliance has been has analyzing and documenting cyber threats and vulnerabilities for over 9 years and maintains a resource library of malware and cyber actor reports. Malware comes and goes, but often is dusted off and reappears in current campaigns.  

Red Sky Alliance is   a   Cyber   Threat   Analysis   and   Intelligence Service organization.  For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com  

Weekly Cyber Intelligence Briefings:
https://attendee.gotowebinar.com/register/8782169210544615949

 

 

[1] https://www.ndtahq.com/hackers-target-covid-19-vaccine-supply-chain-just-as-world-begins-vaccinations/

 

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!