Cyber Attackers Threaten COVID-19 Vaccine Distribution Chain
Jason G. Weiss, Peter Baldwin, Faegre Drinker, December 8, 2020As COVID-19 vaccine approvals and eventual
distribution kicks into high gear, there has been a corresponding – and not
particularly surprising – increase in cyber threat activity targeting both
vaccine producers and other companies involved in the vaccine distribution
chain. Most notably, “cold chain” companies responsible for safely storing and
transporting the vaccines have been targeted. The problem has become so severe
that both the Federal Bureau of Investigation (FBI) and the Department ofHomeland Security’s Cybersecurity and Infrastructure Security Agency (CISA)
recently issued a joint security alert on December 3, 2020, highlighting the risk
to the coronavirus vaccine distribution chain.
The alert from the FBI and CISA follows on the
heels of an international security alert issued by Interpol warning
that there may be an onslaught of all types of criminal activity linked to the
COVID-19 vaccine by organized crime. On December 2, 2020, Interpol issued
an “Orange Notice” outlining potential criminal activity against
COVID-19 cold chain transporters and highlighting the risks associated with
online fraud linked to “advertising, selling and administering fake
vaccines.” Interpol warned that, as COVID-19 vaccines get closer to
approval and distribution, it will be critical to “ensure the safety of the
supply chain and identifying illicit websites and fake products.” Interpol also
advised member nations to warn the public about cyber threats associated with
websites purporting to offer information about vaccines. Notably, Interpol
found that, after reviewing over 3,000 websites of online pharmacies suspected
of selling illicit medicines and medical devices, “around 1,700 contained cyber
threats, especially phishing and spamming malware.”
The threat alert released by the FBI and CISA
included information provided by the IBM Security X-Force threat
intelligence task force, which is dedicated to monitoring COVID-19 cyber
threats. For example, the IBM intelligence report highlighted a recent global phishing
campaign targeting organizations associated with the COVID-19 vaccine
distribution chain, which targeted many leading COVID-19 vaccine producers. As
part of this campaign, cyber threat actors sent spear-phishing emails directly
to executives involved in sales, procurement, IT, and finance positions at
pharmaceutical companies involved in developing vaccines. In addition, the
cyber threat actors sent phishing emails in “Requests for Quotations” to
COVID-19 vaccine executives throughout the world. The emails contained
malicious HTML attachments in order to conduct “credential harvesting” attacks and
steal login and passwords for many of the victim’s accounts.
The IBM security intelligence report recommends
the following defenses to help combat cyber threats against the COVID-19
distribution chain:
·
Create
and test incident response plans
·
Share and
ingest threat intelligence
·
Assess
your third party ecosystem and assess potential risks
·
Apply a
zero-trust approach to your security strategy
·
Use
multifactor authentication (MFA) across your organization
·
Conduct
regular email security educational training
·
Use
Endpoint Protection and Response
Given the proliferation of cyber-attacks against
vaccine producers and the COVID-19 vaccine distribution chain, organizations
involved in vaccine development or distribution should carefully review and
study the recent threat alert from the FBI and CISA. Finally, in these
turbulent times, it is critical that everyone remain vigilant of the threats
surrounding the entire COVID-19 vaccine distribution chain.
© 2020 Faegre Drinker Biddle & Reath LLP. All Rights Reserved.
No comments:
Post a Comment