The hackers impersonated an employee of Chinese company Haier Biomedical, which is working with several agencies from the United Nations to facilitate cold chain supply lines. The hackers were phishing for legitimate login data that would give it access to essential networks along the vaccine distribution lines. It is yet unclear if the attack was successful.
“We assess that the purpose of this COVID-19 phishing campaign may have been to harvest credentials, possibly to gain future unauthorized access to corporate networks and sensitive information relating to the COVID-19 vaccine distribution.”
The task force was not able to identify the hackers or their location, although they did say that the campaign resembled that of a nation-state cyberattack. The U.S. federal Cybersecurity and Infrastructure Agency (CISA) alerted all organizations involved with vaccine distribution in the country and reminded them to be vigilant in their cybersecurity.
