Saturday, January 23, 2021
  • Events
  • Interviews
  • Jobs
  • Community
  • Expert Blog
  • Whitepapers
  • Directory
Cloud7
  • Cloud
  • Hosting
  • Data Center
  • Linux
  • Security
  • More
    • Network/Internet
    • Development
    • Windows
    • Software
    • Hardware
    • Mobile
    • Big Data
    • Blockchain
    • Policy/Legislation
    • Video Games
  • Login
  • Register
No Result
View All Result
Cloud7
  • Cloud
  • Hosting
  • Data Center
  • Linux
  • Security
  • More
    • Network/Internet
    • Development
    • Windows
    • Software
    • Hardware
    • Mobile
    • Big Data
    • Blockchain
    • Policy/Legislation
    • Video Games
No Result
View All Result
Cloud7
No Result
View All Result

Home > Cyber Security > IBM alerts for COVID-19 supply chain

IBM alerts for COVID-19 supply chain

Cyber-attackers have been hitting the COVID-19 vaccine supply chain since September, according to IBM Security X-Force’s new research.

Seda Nur Cinar by Seda Nur Cinar
December 4, 2020 3:58 pm
in Cyber Security
3 min read
0 0
0
IBM alerts for COVID-19 supply chain
0
SHARES
23
VIEWS
Share on FacebookShare on TwitterShare on EmailFollow on Google News

Pfizer and Moderna announced promising results from their COVID-19 vaccine trials. These vaccines require a cold chain, meaning a temperature-controlled supply chain that maintains the desired temperature range throughout distribution. New research from IBM Security X-Force indicates that the cold chain is being targeted in a precision phishing campaign.

Spear-phishing emails

IBM Security X-Force created a threat intelligence task force dedicated to tracking down COVID-19 cyber threats against organizations that are keeping the vaccine supply chain moving. Their research shows that this calculated operation started in September 2020.

The purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution, according to IBM Security X-Force.

IBM Security X-Force explained the attacks, saying,

 “Spear-phishing emails were sent to select executives in sales, procurement, information technology and finance positions, likely involved in company efforts to support a vaccine cold chain. We also identified instances where this activity extended organization-wide to include help and support pages of targeted organizations,”

A nation-state activity

The COVID-19 phishing campaign spanned across six countries and targeted organizations likely associated with Gavi, The Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) program. Governments have already warned that foreign entities are likely to attempt to conduct cyber espionage to steal information about vaccines.

Read also:  CISA warns against cloud attacks
Phishing email sent to executives in organizations related to the COVID-19 vaccine supply chain.
Phishing email sent to executives in organizations related to the COVID-19 vaccine supply chain.

The spoofed phishing emails appear to originate from a business executive from Haier Biomedical, a Chinese company currently acting as a qualified supplier for the CCEOP program. While attribution is currently unknown, the precision targeting and nature of the specific targeted organizations potentially point to nation-state activity.

IBM Security X-Force recommends to defenders:

  • Create and test incident response plans to strengthen your organization’s preparedness and readiness to respond in the event of an attack.
  • Share and ingest threat intelligence. Threat-sharing initiatives and partnerships are essential to staying alert about the latest threats and attack tactics impacting your industry. IBM Security X-Force has been feeding this threat intelligence into the COVID-19 threat sharing enclave. At the onset of the pandemic, IBM made this enclave freely accessible to any organization in need of more eyes on cyber threats.
  • Assess your third-party ecosystem and assess potential risks introduced by third-party partners. Confirm you have robust monitoring, access controls and security standards in place that third-party partners need to abide by.
  • Apply a zero-trust approach to your security strategy. As environments continue to expand, managing privilege access becomes paramount to ensuring that users are only granted access to the data that is essential to their job.
  • Use Multifactor Authentication (MFA) across your organization. MFA works as a fail-safe if a malicious actor has gained access to your credentials. As a last line of defense, MFA offers a second form of verification requirement to access an account.
  • Conduct regular email security educational training so employees remain on alert about phishing tactics and are familiar with email security best practices.
  • Use Endpoint Protection and Response tools to more readily detect and prevent threats from spreading across the organization.
Read also:  mimik technology collaborates with IBM

 

See more Cyber Security News



Tags: CoronavirusCyber AttackIBMPhishing
More news
100k+
Sign up and
DISCOVER

Don't miss any update

  • Hosting industry news
  • Expanding community
  • Inspirational interviews
  • And more

Check your inbox or spam folder to confirm your subscription.

ShareTweetSendShare
Previous Post

Sectigo announces two acquisitions

Next Post

NethServer 7.9 released

Seda Nur Cinar

Seda Nur Cinar

Editor of Cloud7, Seda is a Linux and opensource enthusiast, security researcher and a web application developer.

Related News

GTT to enhance portfolio of managed security services

GTT to enhance portfolio of managed security services

January 21, 2021 1:23 pm
FireEye released auditing tools for SolarWind hack

FireEye released auditing tools for SolarWind hack

January 20, 2021 12:25 am
Atos acquire In Fidem to reinforce its cybersecurity position in Canada

Atos acquires In Fidem to reinforce its cybersecurity position in Canada

January 19, 2021 1:45 pm
cPanel announced TSR-2021-0001 updates

cPanel announced TSR-2021-0001 updates

January 19, 2021 2:22 am
Next Post
NethServer 7.9 released

NethServer 7.9 released

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's Choice

Project Lenix rebrands itself as AlmaLinux

Parler filed a lawsuit against Amazon

10 tech trends to look out for 2021

WhatsApp will share users’ data with Facebook

Five trends for data centers in 2021

DDoS, web application and bot attacks increased in 2020

CloudLinux introduced its CentOS replacement: Project Lenix

HostArmada Affordable Cloud SSD Shared Hosting

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

Check your inbox or spam folder to confirm your subscription.

Recent News

  • Steadfast partners with NAKA to accelerate cloud migrations
  • EcoChain acquires land to build a green data center
  • Uptime Institute releases expanded 2021 education calendar
  • INAP to appoint Warren Greenberg as Vice President of US Sales
  • Quali raises $54 million in new funding
Moosend

Most Popular News

  • Parler.com domain transferred to Epik

    Parler.com domain moves to Epik

    0 shares
    Facebook 0 Twitter 0
  • Rackspace to provide AWS solutions to European Researchers

    0 shares
    Facebook 0 Twitter 0
  • Ubuntu 20.04 LTS (Focal Fossa) ISOs are ready to download

    1 shares
    Facebook 1 Twitter 0
  • Parler.com website back, but have some technical issues

    0 shares
    Facebook 0 Twitter 0
  • 7 best Linux mail servers

    1 shares
    Facebook 1 Twitter 0
  • GoDaddy gives details on AR15.com boot

    0 shares
    Facebook 0 Twitter 0
  • Red Hat unveils free RHEL for small production workloads

    0 shares
    Facebook 0 Twitter 0

Dome Binasi, Yesilce Mah. Dalgic Sok. No: 3/5 Kat: 1, Kagithane / Istanbul / Turkey

We bring you the latest news, articles, interviews, reviews, solutions, and videos related to cloud tech, data center, cyber security, web hosting, Linux and so on.

Read more

News Categories

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cyber Security
  • Linux
  • Network/Internet
  • Software
  • Development
  • Big Data
  • Blockchain
  • Hardware
  • Policy/Legislation

Our Free Modules

  • Events
  • Interviews
  • Jobs
  • Community
  • Expert Blog
  • Whitepapers
  • Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About Us
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2021 Cloud7: Data Center, Cloud Computing & Web Hosting News

No Result
View All Result
  • Cloud
  • Hosting
  • Data Center
  • Linux
  • Security
  • More
    • Network/Internet
    • Development
    • Windows
    • Software
    • Hardware
    • Mobile
    • Big Data
    • Blockchain
    • Policy/Legislation
    • Video Games
  • Events
  • Interviews
  • Jobs
  • Community
  • Expert Blog
  • Whitepapers
  • Directory

© 2021 Cloud7: Data Center, Cloud Computing & Web Hosting News

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.