- Joined
- Dec 3, 2020
- Messages
- 1,527
Attackers may be interested in data regarding the development of vaccines against coronavirus.
The IBM X-Force team discovered a targeted phishing operation against an unnamed German company. As the researchers explained, the company is part of a working group created by the German government to ensure the uninterrupted provision of medical personnel with personal protective equipment (PPE).
During the COVID-19 pandemic, PPEs are more in demand than ever, and countries around the world are competing with each other in the purchase of masks and other protective equipment for medical staff dealing with patients. Like many other countries, Germany has enlisted the help of some of its largest companies to assist in procurement.
According to IBM X-Force experts, the malicious operation they discovered was aimed specifically at this company precisely because it was part of the government working group to provide medical personnel for personal protective equipment (attacks began immediately after the company joined the group). Moreover, the operation is part of a plan by an unknown cybercriminal group to disrupt the supply of PPE in Germany.
According to the researchers, the attackers carefully thought out which department of the company and when to attack. Currently, attacks are at an early stage - attackers only send phishing emails in order to entice their credentials from employees. How they will act further, intercept employee communications, move along corporate networks, or both, is still unclear.
Who is behind the operation, ordinary cybercriminals or hackers funded by the government of a country, is also unknown. Nevertheless, having penetrated the company’s networks, government hackers can obtain valuable information on Germany’s purchases of personal protective equipment. This information may provide an advantage to a third-party state when making its own purchases.
However, there is another possible reason for the attacks on the company, said IBM Rossman, Nick Rossman. It is possible that hackers are not interested in PPE, but something more substantial - a vaccine against coronavirus.
“Once established in the networks of these organizations, they are likely to be able to access sensitive data regarding company resources and / or COVID-19 national resources, response strategies, and even, possibly, progress in vaccine development,” Rossman said.
The IBM X-Force team discovered a targeted phishing operation against an unnamed German company. As the researchers explained, the company is part of a working group created by the German government to ensure the uninterrupted provision of medical personnel with personal protective equipment (PPE).
During the COVID-19 pandemic, PPEs are more in demand than ever, and countries around the world are competing with each other in the purchase of masks and other protective equipment for medical staff dealing with patients. Like many other countries, Germany has enlisted the help of some of its largest companies to assist in procurement.
According to IBM X-Force experts, the malicious operation they discovered was aimed specifically at this company precisely because it was part of the government working group to provide medical personnel for personal protective equipment (attacks began immediately after the company joined the group). Moreover, the operation is part of a plan by an unknown cybercriminal group to disrupt the supply of PPE in Germany.
According to the researchers, the attackers carefully thought out which department of the company and when to attack. Currently, attacks are at an early stage - attackers only send phishing emails in order to entice their credentials from employees. How they will act further, intercept employee communications, move along corporate networks, or both, is still unclear.
Who is behind the operation, ordinary cybercriminals or hackers funded by the government of a country, is also unknown. Nevertheless, having penetrated the company’s networks, government hackers can obtain valuable information on Germany’s purchases of personal protective equipment. This information may provide an advantage to a third-party state when making its own purchases.
However, there is another possible reason for the attacks on the company, said IBM Rossman, Nick Rossman. It is possible that hackers are not interested in PPE, but something more substantial - a vaccine against coronavirus.
“Once established in the networks of these organizations, they are likely to be able to access sensitive data regarding company resources and / or COVID-19 national resources, response strategies, and even, possibly, progress in vaccine development,” Rossman said.