The malicious emails came with requests for quotations for participation in the, which was set up by Gavi, the Vaccine Alliance and UNICEF in 2015 to increase efficiency in the vaccine supply chain. Inside the emails was a link to an HTML file, rather than a website, which asked the recipient to enter their corporate network log-in credentials, which would then be passed to the hackers.
“This phishing technique helps attackers avoid setting up phishing pages online that can be discovered and taken down by security research teams and law enforcement,” said Claire Zaboeva, senior cyberthreat analyst at IBM Security X-Force. “Historically, we’ve seen sponsored adversaries opt for disruptive attacks of critical infrastructure—and make no mistake, the cold chain is critical infrastructure. So nothing is off the table.
DHS’ Cybersecurity and Infrastructure Security Agency issued its own warning on Thursday. “CISA encourages all organizations involved in vaccine storage and transport to harden attack surfaces, particularly in cold storage operation, and remain vigilant against all activity in this space.
A Gavi spokesperson added: “Gavi has strong policies and processes in place to prevent such phishing attacks and hacking attempts. We are working closely with our partners on security awareness to continue to strengthen these best practices.”
Virus is 21st century warfare. Donald Trump called it Chinese virus, have in mind that those who wants to change people's mind are the one that orchestrated this virus. Read deeper
shit. we do not need this. kris_lovaas
Such hackings Should be appreciated. if the vaccine is discovered but is kept secret and is not used to save people frm this brutal pandemic.
Next generation warfare
'Most likely' means this is nothing but conjecture.