https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Cybersecurity Roundup

IBM: Cybercriminals Could Disrupt COVID-19 Vaccine Supply Chain

  • Written by Edward Gately
  • December 4, 2020
The COVID-19 vaccine campaign has the components of a state-sponsored attack.

Cybercriminals are targeting the COVID-19 vaccine supply chain, and if successful they could destroy cargo loads of the life-saving vaccines.

That’s according to IBM Security X-Force’s latest threat research. It discovered a campaign against the COVID-19 vaccine cold chain.

Pfizer and Moderna have announced promising results from their COVID-19 vaccine trials. Therefore, countries are initiating the process of distributing vaccines. However, these vaccines rely on temperature-controlled environments, also known as the cold chain, for distribution.

IBM Security X-Force discovered a targeted operation against the COVID-19 vaccine cold chain that supports the Gavi Alliance and UNICEF’s’ efforts to safely transport a vaccine to underdeveloped regions. Moreover, these regions rely on external aid to store their medicines in temperature-control environments.

The COVID-19 vaccine campaign has the components of a state-sponsored attack.

IBM's Claire Zaboeva

IBM’s Claire Zaboeva

Claire Zaboeva is senior cyber threat analyst with IBM Security X-Force.

“The COVID-19 cold chain represents a new kind of global critical infrastructure,” she said. “If damaged or disrupted, it is possible cargo loads of life-saving vaccines could be destroyed.”

Malicious actors sought to harvest credentials to likely gain illegal access to targeted environments, Zaboeva said. Should they gain presence on the system, they may carry out a multitude of attacks. Those include collecting sensitive or critical information, to even conducting disruptive or destructive attacks.

“The compromise of any of the targeted organizations, which maintain direct ties to multiple national government networks associated with trade and regulation, may serve as a single point of compromise impacting multiple downstream targets,” she said.

According to IBM Security X-Force’s research:

  • Attackers impersonated Haier Biomedical to conduct spear-phishing attacks against global organizations that provide material support to the cold chain. Haier reportedly is the world’s only complete cold chain provider.
  • Attackers targeted global organizations in at least six countries, including the European Commission’s Directorate-General for Taxation and Customs Union, petrochemicals, solar panel companies and more organizations across other industries.
  • Attackers attempted credential harvesting to access sensitive information pertaining to COVID-19 vaccine transport and distribution.

“All security providers worldwide will need to collaborate in defending this emerging infrastructure,” Zaboeva said. “Likewise, at the corporate level, companies need to cultivate a culture of cyber awareness, one that includes an active security posture that has a practiced incident response plan in place.”

Zaboeva offers the following suggestions for targeted organizations:

  • Trust but verify. Now is the time to scrutinize everything from your partners. Pick up the phone and call them to confirm emails or unsolicited attachments are really from them.
  • Limit employee access to sensitive information. Only provide access to those who need it for their roles.
  • Use multifactor authentication (MFA) across your organization. This is an extra layer of defense that stops a bad guy from getting in even if they do succeed in getting your username, email and password.

It’s very possible this is just the start of attacks on the COVID-19 vaccine supply chain as initial distribution nears, Zaboeva said.

“Given global demand for a life-saving vaccine, it is highly likely advanced insight into the secure cold chain transport underpinning the worldwide distribution of vaccines represents a continuing high-value target for both state-sponsored threats and independent cybercriminals,” she said.

RiskIQ: Universities Increasingly Under Attack

Twenty universities globally have been subject to phishing campaigns since July, according to RiskIQ‘s “Shadow Academy” report.

The attacks are similar to the Iranian company Mabna Institute. It illegally gains access to non-Iranian scientific resources through computer intrusions.

RiskIQ has named the actors identified during this research as “Shadow Academy.”

Among the key findings:

  • The credential-harvesting URLs focused mainly on popular services like Amazon, Instagram and online banking.
  • A Louisiana State University (LSU)-themed student portal login page was the first identified target.
  • Library-themed attacks targeted 37%.
  • General access or student portal attacks targeted 63%.
  • Financial aid-themed attacks targeted 11%.

Many college campuses began releasing timelines for traditional on-campus operations in July, RiskIQ said. Research suggests that Shadow Academy actors timed the development of malicious infrastructure to take advantage of back-to-school chaos.

Universities have been a historically lucrative attack landscape for attackers such as Silent Librarian and w4coders. They knowingly take advantage of overwhelmed IT staff during the start of the school year.

Cory Kennedy is a threat researcher for RiskIQ. He said the attackers are typically attempting credential theft.

“Targeting students with Netflix phishing campaigns may…

  • Page 1
  • Page 2
  • Page 3
Tags: MSPs Cloud and Edge Endpoint MSSP Insider Training and Policies

Related


  • SMB cybersecurity
    SMBs’ Cybersecurity Risk Awareness Is Rising
    The majority of SMBs would switch MSPs for the right cybersecurity support.
  • Cybersecurity Roundup
    Democrats to Take Charge of Federal Cybersecurity in Election Aftermath
    Democrats will have their hands full when dealing with federal cybersecurity.
  • DC Capitol Riot
    US Capitol Rioters Pose Cybersecurity Threat Due to Device Access, Theft
    It's not yet known what all the rioters got their hands on or saw.
  • 2021 - The Year of Extortion
    Expect 2021 to Be Fraught with Cybersecurity Threats
    Ransomware, insider threats, VPNs, weak APIs. Here's what MSPs/MSSPs need to know for 2021.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Organizations’ COVID-19 Rush to Remote Work About to ‘Backfire’
  • FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers
  • Acronis Cyber Threats Report: 2021 Will Be 'Year of Extortion'
  • 8 Ways Fraud Email Can Compromise Your Back Office

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

Cyberattacks: Threat Hunters Conquer Unpredictability with 3 Measures

January 21, 2021

The Right Data Migration Tool Helps Schools Move to Cloud During COVID Crisis

January 19, 2021

Cloud-Based CRM: What SMBs Need to Know about Backup and Recovery

January 19, 2021

Webinars

View all

Who’s Behind the Mask? Hacker Personas Explained

January 26, 2021

Your Network Perimeter Has Changed

February 18, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

Why Subscription Business Model

January 15, 2021

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

#MSPs can inject predictability into #threathunting @Sophos #cybersecurity #ransomware dlvr.it/Rr4ffV https://t.co/Bztc2Yxwvc

January 22, 2021
ChannelFutures

.@RiskBased report shows decrease in #databreaches, jump in exposed records in 2020. dlvr.it/Rr4fcW https://t.co/PYiDMiJFbt

January 22, 2021
ChannelFutures

Legal experts say @VMware's #lawsuit against @nutanix's new CEO holds little weight. dlvr.it/Rr48FJ https://t.co/oLxPhgvgAt

January 21, 2021
ChannelFutures

bit.ly/2Y0kFZh twitter.com/Craig_Galbrait…

January 21, 2021
ChannelFutures

Our latest #Cybersecurity Roundup features @BitSight and @kovrrIns, @Vectra_AI and @AppOmniSecurity,… twitter.com/i/web/status/1…

January 20, 2021
ChannelFutures

.@solarwinds hackers target @Malwarebytes, impacting internal emails. #cybersecurity dlvr.it/RqzkZp https://t.co/aWqLjCCW9y

January 20, 2021
ChannelFutures

.@citrix $2.25 deal to acquire @wrike expands @CitrixPartners network into collaborative work management.… twitter.com/i/web/status/1…

January 20, 2021
ChannelFutures

.@Carbonite Migrate uses real-time replication to move workloads to #cloud with minimal risk and near-zero downtime… twitter.com/i/web/status/1…

January 20, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X