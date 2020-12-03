iStock/kzenon

Talk about cold-hearted criminals!

IBM announced Thursday that its special threat intelligence task force had uncovered “a global phishing campaign targeting organizations associated with a COVID-19 cold chain.” This effort to infiltrate a supply chain that literally billions of people are relying on to put an end to the pandemic spanned at least six countries and appeared to be the product of “nation-state activity.”

“The purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution,” IBM explained. The company said it “followed responsible disclosure protocols and notified the appropriate entities and authorities about this targeted operation.”

IBM cybersecurity analysts shared several best practices to keep data secure that also were good advice for any supply chain, “cold” or not. They were:

Create and test incident response plans.

Share and ingest threat intelligence.

Assess your third-party ecosystem.

Apply a zero-trust approach to your security strategy.

Use multifactor authentication across your organization.

Conduct regular email security educational training.

Use endpoint protection and response tools.

This wasn’t the first time criminals had attempted to access and exploit a supply chain related to pandemic relief. “Earlier in 2020, IBM Security X-Force uncovered activity surrounding the targeting of a global COVID-19 PPE supply chain,” threat analysts Claire Zaboeva and Melissa Frydrych wrote. “Similarly, as the global competition races for a vaccine, it is highly likely the cold chain is a compelling target that will be at the top of the lists of national collection requirements worldwide.”

Much more information about the cold-chain attack is available in Zaboeva and Frydrych’s memo.