Logistics providers and other cold supply chain participants received government warnings in early December that hackers were targeting the Covid 19 vaccine distribution of the Pfizer product, just as it was beginning to be given to front line medical workers throughout the country.
This was different from the revelations that surfaced two weeks later in the news media concerning a massive cyberattack perpetrated on the computer systems of various federal government agencies.
That warning came after the IBM Security X-Force discovered a global phishing campaign that began last September targeting organizations associated with the Covid 19 logistics cold chain.
Soon after, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency joined with the FBI in issuing a joint security report about the phishing campaign.
The agencies warned organizations participating in Operation Warp Speed and those involved in the storage and transport of the vaccine that they should take heed of the IBM report.
It was also recommended that companies and other organizations believed to be potential targets should follow the security advice and recommended practices issued by CISA to help them enhance email and Web security.
As of this writing, no evidence of any such attacks beyond the phishing attempts has been reported. Nor has there been any evidence reported about who could be responsible for planning the campaign of disruption and what their goals are.
Speculation has focused on possible nation-state actors, including the government of Russia, which was widely believed to have been behind the later attacks on U.S. government agency systems.
On the other hand, private criminal organizations have been behind devastating ransomware attacks on hospital computer systems in recent years that also started with phishing.