Attackers move on the coronavirus supply chain

IBM’s cybersecurity division has found that cyberattacks aimed at the companies and government agencies distributing the coronavirus vaccines are underway, although the goals are unclear. The Department of Homeland Security issued its own warning of the attacks on Thursday.

The intention of the attacks seems to be to acquire the network login credentials of those involved in the refrigeration process designed to protect the vaccine doses. The attacks are sophisticated enough to indicate government sponsorship, although it is unknown which government.

The attacks are spear phishing in nature, containing malicious HTML attachments to be opened locally.

Why do we care?

I need to acknowledge awareness as the first reason for this story, and it’s a reasonably obvious example to educate customers on how sophisticated these attacks are.

That said, I want to highlight the perspective of the attackers here. They’ve identified the business opportunity in extortion of the supply chain around the vaccine, and anticipate the high value of the data and the information within. Using business terms, the cost of acquisition is relatively low for the potential payoff.

Frame your conversations with customers in this way. When told “I don’t have anything of value”, highlight that the effort to acquire them as a “customer” – clearly in quotes – is so low that, from the attacker’s side, why not?

And at an SMB level… you can just license that software as an attacker.

