An IBM cybersecurity task force has identified a new phishing campaign that targets logistics operations across the supply chain for COVID-19 vaccines.
IBM Security-X Force’s analysis shows that the global campaign began in September and targeted organizations working to safely transport COVID-19 vaccines that needed to be stored at extremely low temperatures, IBM’s security intelligence division said in a blog post published Thursday.
The cyber threats involved six countries and targeted suppliers for the Cold Chain Equipment Optimization Platform initiative under The Vaccine Alliance. IBM traced the campaign to spear-phishing emails sent under the name of an executive at Chinese CCEOP supplier Haier Biomedical.
The email’s targets include entities in the cybersecurity, manufacturing, energy and economic sectors including the European Commission’s tax and customs component.
IBM cited recommendations such as establishing incident response strategies, sharing threat intelligence, evaluating third-party services, using endpoint protection and implementing zero-trust and multifactor authentication approaches.
The Cybersecurity and Infrastructure Security Agency reissued IBM’s analysis to alert participants in the government’s Operation Warp Speed vaccination initiative, Reuters reported Thursday.
IBM noted that it offers an enterprise intelligence management system designed to visualize threat intelligence in support of efforts to secure COVID-19 suppliers' cold-chain operations.