Experts say cyberattacks are happening as we approach COVID-19 vaccine release in US

J.R. Stone Image
Wednesday, December 9, 2020
Experts warn of cyberattacks ahead of vaccine release in US
As we get closer and closer to a COVID-19 vaccine release, there are major online security concerns. A major US cybersecurity company based in the Bay Area was hacked, and they say that may be the tip of the iceberg.

SAN JOSE, Calif. (KGO) -- As we get closer and closer to a COVID-19 vaccine release, there are major online security concerns.

Tuesday we learned that a major US cybersecurity company, FireEye, based here in the Bay Area was hacked and that may be the tip of the iceberg.

RELATED: Can companies force employees to take the COVID-19 vaccine?

"What is the biggest target we're looking at right now? The whole world is talking about the vaccine, there is nothing else," says cybersecurity expert Ahmed Banafa.

Banafa is a professor at San Jose State University and says with the release of the coronavirus vaccine happening in some countries and coming soon in others, cyber criminals have already gone to work.

"The health sector in the industry in the economy is the weakest one when it comes to any protection against hacking or cyberattacks," says Banafa.

In the most recent attack, FireEye, a company that has worked with the US government, confirmed they were hit by a government with "world class capabilities." It's unclear today what government that was.

EXCLUSIVE: Here's how millions were stolen in CA EDD scam

It's a story you'll only see on ABC7 News: More local charges are likely to be filed in an inmate unemployment benefits scam sweeping the country.

IBM recently uncovered a global phishing cyberattack targeting companies involved in the COVID-19 supply chain, which is a big deal as some of the vaccines have to be kept in very cold temperatures and require special locations and delivery.

Americold, the largest cold storage provider in the US, says they were recently hit by a cyberattack themselves.

While Banafa believes we may be better protected in the United States, he says don't click on any unknown links -- And that storage locations, delivery companies, and medical companies need to be ready.

"It could by hijacked physically or on a cyberattack anytime," says Banafa.

RELATED: CA could vaccinate 1 million people against COVID-19 this month

Here is the IBM press release regarding the alert they issued late last week:

December 3, 2020

"With Pfizer and Moderna announcing promising results from their COVID-19 vaccine trials, countries face a new challenge when it comes to widespread distribution of these effective vaccines: the cold chain. These vaccines require a cold chain, meaning a temperature-controlled supply chain that maintains the desired temperature range throughout distribution. New research from IBM Security X-Force reveals that the cold chain is being targeted in a precision phishing campaign.

IBM Security X-Force published threat research disclosing the discovery of a highly-targeted operation against the COVID-19 vaccine cold chain supporting the Gavi Alliance and UNICEF's efforts to safely transport a vaccine to underdeveloped regions. These regions also rely on external aid to store their vaccines in temperature-controlled environments. This campaign has the hallmarks of a state-sponsored attack.

Some of the elements detailed in IBM's research include:

- Attackers impersonated a key individual from a Chinese biomedical company to conduct spear-phishing attacks against global organizations that provide material support to the cold chain.

- Credential harvesting attempts against global organizations in at least six countries to access sensitive information pertaining to the vaccine transport and distribution.

The entities involved in this targeting are meticulously interlinked, warranting significant resources and time from the adversary to execute this campaign. IBM is putting out this research to alert the broader COVID-19 supply chain. To learn more about the campaign, read the full post on"

Here is the information Americold gave to the US Securities and Exchange Commission:

"On November 16, 2020, Americold Realty Trust (the "Company" or "Americold") determined that its computer network was affected by a cybersecurity incident. As a precautionary measure, the Company took immediate steps to help contain the incident and implemented business continuity plans, where appropriate, to continue ongoing operations. The Company has notified and is working closely with law enforcement, cybersecurity experts and legal counsel.

Security, in all its forms, remains a top priority at Americold, and the Company will continue to seek to take all appropriate measures to further safeguard the integrity of its information technology infrastructure, data and customer information."

If you have a question or comment about the coronavirus pandemic, submit yours via the form below or here.

Get the latest news, information and videos about the novel coronavirus pandemic here