Atlanta, United States; Bengaluru, Karnataka & Mumbai, Maharashtra, India: Since the onset of the COVID-19 pandemic, healthcare organizations have been combating a variety of unprecedented challenges. Ranging from fake coronavirus 'cures' to phishing attacks and scam calls, the pandemic continues to generate a myriad of monetization opportunities for cybercriminals. While most of the attention is being directed at the front line of patient care, organized cybercrime has escalated from all directions, testing cyber defences of healthcare organizations and logistics players to their limits. In response to this elevated problem area, CYBLE has introduced cutting-edge Defence Strategies & Intelligence to counter cybercrime threats attacking the COVID-19 vaccine value chain.
“In forums within the ‘dark web’, criminals continue to trade vast repositories of critical consumer information gathered illegally through data breaches and phishing attacks. In addition to the enormous COVID-19 related databases, there are critical concerns over the security of data held within the immense cold-chain logistics network handling the distribution of vaccines. No doubt, there is a clear and present danger from threat actors that are shifting their focus on the intricate logistics network and the cold chain subset within it. There is an urgent need to understand the threat and to pre-empt breaches,” said Mr. Beenu Arora, CEO of Cyble..
According to the US department’s Cybersecurity and Infrastructure Security Agency (CISA), cybercriminals are aggressively targeting the COVID-19 vaccine supply chain to elicit sensitive information on distribution schedules and plans. Technology giant IBM too has warned against hacker activity targeting the distribution network of Covid-19 vaccines. An incident recently uncovered by IBM brought to light a global phishing campaign bearing the signs of being a state-sponsored incident. As the crisis continues to reshape the global cyberthreat landscape, along with threat monitoring, the need of the hour is to train personnel at every step of the logistics value chain in handling their sensitive data responsibly.
“While every country is going to learn its way out of this crisis, healthcare and logistics companies in the firing line would do well to take as much preventative measures to counter data breaches and counterfeiting attempts. With the promise of vaccines being available abundantly in the near foreseeable future, the growing need of the hour is to strengthen our preparedness for addressing the potential challenges,” added Beenu.
With the threat actors’ identities still unknown, we have yet to discover the real intentions behind this predatory stalking. One can assume that key motives could include stealing the technology behind the refrigeration of the vaccines in transit or thwarting the companies’ attempts to ship the vaccines to intended destinations in lieu of others. Counterfeiting of vaccines could be another critical supply chain concern that may arise. In a country with a population close to 1.35 billion, it is not difficult to imagine an initial immunization shortage to emerge in India, giving rise to a plethora of surreptitious money-making opportunities for counterfeiters. As the whole world gears up for battling critical supply chain issues, such as temperature monitoring and inventory tracking of vaccines, there is a pressing need for shoring up cyber defences at every stage of the supply chain globally.
Cyble recommends bespoke strategies to high-risk entities to detect and counter attacks. Additionally, the company also offers the continuous monitoring of third-party/supply chain risks along with threat intelligence on its ‘Vision Platform’. It also recommends that healthcare organizations and their suppliers establish robust threat intelligence programmes to stay well-informed to be ahead of the intelligence stream. Cyble also advises companies to take proactive measures against cyberattacks at all stages of a vaccine’s production cycle, right from research to distribution.
Additional Reading: How Hackers Targeted The Covid-19 Vaccine Supply Chain; Vaccine Sold in Darkweb