Covid-19 is far from over; even though the vaccine has emerged as a silver lining to this dark cloud, there is more to it than meets the eye. As per Proofpoint Threat’s Research Team, hackers are continuously preying on people’s fear of the spread of Covid-19.
As vaccine drives continue to expand, social engineering is used as a lure to carry out phishing, malware distribution, and business email compromise, more commonly known as BEC attacks. Throughout 2020 and into 2021, security researchers have repeatedly warned that hackers are using the pandemic to their advantage to launch a variety of attacks. Such attacks target businesses by pretending to be vaccine manufacturers, authorized by WHO and DHL.
While the vaccine has become a reality, the volume of spam, malware and phishing attacks has also increased, causing people and enterprises in the United States, Canada, Germany and Austria to lose a lot of confidential information. The vaccine lures are centred on the fear people have in light of the pandemic and on the future of the government-approved vaccines available to tackle the spread of the virus.
Some famous Covid-19 vaccine attacks in 2020-21
Who would have thought Covid vaccines could also become a target of malware and other cyberattacks? A number of vaccines are available these days; the most common among them are the UK’s Oxford-AstraZeneca, the US’s Moderna, China’s Sinovac and Sinopharm, India’s Bharat Biotech and Russia’s Sputnik V.
In the year 2020, the US Justice Department indicted two Chinese nationals, who were supposedly spying on Moderna’s Covid research. The indictment report confirmed these hackers “conducted reconnaissance” against a Massachusetts biotech firm, which is known to be working on Moderna’s research.
Such reconnaissance often includes probing public websites for loopholes or scouting important accounts for hacking possibilities. The FBI is working closely with the U.S. Department of Health and Human Services to keep hackers at bay. Similarly, two other medical research companies identified in the US have fallen prey to these malicious attacks. The names of these medical firms remain undisclosed.
A few months later, in October 2020, Dr Reddy’s Lab fell prey to a cyber-attack. Post attack, the pharmaceutical company had to shut down its plants, with an aim to isolate the attack’s extent. The Indian centre was host to the development of the Russian ‘Sputnik V’ vaccine. Some sites in the UK, India, Brazil, the US and Russia were badly impacted.
The company has not directly said whether the attack was aimed at its Covid-related research. But in the wake of similar attacks worldwide, one can only assume the real reason behind these phishing attacks. The attack had an adverse impact on the company’s shares, as it ended up losing a drastic portion of its market share value.
A month later, AstraZeneca faced a similar attack, which has been described as “an intellectual property war”. North Korean hackers reached out to the organization’s staff members, posing as recruiters from LinkedIn and WhatsApp. They then shared malicious code embedded within job descriptions to gain access to the victim’s computer.
Additionally, Reuters has reported that cybercriminals from Iran, China and Russia have tried to break into the research models of leading drug makers and even WHO’s databases. The struggle is real; western intelligence agencies, which include the National Cyber Security Centre, have confirmed that COVID-19 vaccine research is one of their pivotal, yet critical assets.
Despite the massive attacks, the UK and other western countries are not very keen on pointing a finger at China and Russia, for fear of starting another verbal spat.
Methods used to spread malware through the vaccine news channel
While some well-known pharmaceutical companies around the world are being targeted by hackers, there are a few other ways that are doing the rounds.
Some other methods include:
- Phishing attacks: Since January 2020, there has been a massive increase in phishing campaigns within the healthcare industry. Such campaigns are being fueled by the need of the general public to get vaccinated and the need to be in touch with websites that provide Covid-19 updates.
  One such prominent phishing attack was on Office 365 accounts within the US and Canada. Through this campaign, hundreds of messages were circulated over a period of 4 days (it all began on January 1, 2021). These phishing emails directed the recipients to click on a link that reads “confirm their email to receive the vaccine”.
  As soon as the recipient clicked on the link, their Office 365 credentials were compromised. Since the Government name was also involved in this phishing link, the recipients were fooled into clicking the link.
  Some notable examples include:
  b) 40 Million COVID-19 Vaccine Dose Supply
  c) [Vaccine manufacturer] COVID_19 Vaccine
- DHL Themed Phishing: On January 14, 2021, another medium-sized phishing campaign came to light, as hundreds of messages started targeting dozens of industries in the United States, Austria, and Germany. Such emails urged victims to click a link so that DHL could deliver their packages. The idea behind this campaign was to steal the email login credentials of the recipients.
  The notable thing about this campaign was the subject line, which read:
  “COVID-19 vaccine distribution- Re-confirm your delivery address”
  With such a luring subject line, potential victims are bound to click on the link, thinking they are receiving the Covid-19 vaccine delivered at their doorstep.
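
As an added example (not from the original article or from Proofpoint), the following Python shows how a mail filter could score the lure traits described in the two campaigns above: a vaccine theme, a confirm-style prompt, a claimed brand whose sender domain does not match, and links pointing off the sender's domain. The brand list, the reason labels and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: brands a mail gateway cares about and their real sending domains.
BRAND_DOMAINS = {"dhl": ("dhl.com",)}
THEME = re.compile(r"covid[\s_'-]*19.*vaccin|vaccin.*covid[\s_'-]*19", re.I | re.S)
ACTION = re.compile(r"\b(re-?confirm|confirm|verify)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample messages (not captured mail); .example hosts are placeholders.
SAMPLE_LURE = """\
From: "DHL Express" <notice@parcel-update.example>
Subject: COVID-19 vaccine distribution- Re-confirm your delivery address

Your package is on hold. Re-confirm here: http://login.mail-check.example/owa
"""
SAMPLE_BENIGN = """\
From: "DHL Express" <tracking@dhl.com>
Subject: Your shipment is on its way

Track it at https://www.dhl.com/track?id=CONSTRUCTED
"""

def _under(host, domain):
    return host == domain or host.endswith("." + domain)
def triage(raw):
    """Return (score, reasons) for one single-part, plain-text RFC 5322 message."""
    msg = message_from_string(raw)
    subject = msg.get("Subject", "")
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    body = "" if msg.is_multipart() else msg.get_payload()
    text = subject + "\n" + body
    reasons = []
    if THEME.search(text):
        reasons.append("vaccine-theme")
    if ACTION.search(text):
        reasons.append("action-prompt")
    for brand, domains in BRAND_DOMAINS.items():
        claimed = re.search(rf"\b{re.escape(brand)}\b", f"{display} {subject}", re.I)
        if claimed and not any(_under(sender_domain, d) for d in domains):
            reasons.append(f"brand-mismatch:{brand}")
    for url in URL.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if host and not _under(host, sender_domain):
            reasons.append(f"offsite-link:{host}")
    return len(reasons), reasons
```

Calling `triage(SAMPLE_LURE)` raises all four reasons, while `triage(SAMPLE_BENIGN)` raises none; a gateway would treat the score as one input to quarantine or banner decisions alongside SPF, DKIM and DMARC results.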
Covid-19 vaccines might have been released as a ray of hope; however, they have also become a cause for concern, considering the increasing number of cyber-attacks that maliciously use the vaccine as a Trojan horse to gain unauthorized access to a victim’s personal details.