Hackers Target COVID-19 Vaccine Cold-Chain Distribution



The race to stay ahead of hackers has become a race without a finish line.

Phishing and spear-phishing emails can override investments in cybersecurity by Third-Party Logistics (3PL) companies trying to keep pace with the recent increase in cyberattacks.

A new cyber threat connected to the COVID-19 puts a vital solution to the Pandemic at risk. Despite the care being taken to ensure a safe delivery, storage and distribution of vaccines, hackers (some suspected to be Nation-States) are seeking to disrupt the cold chain.

Even if your business is “cyber vigilant,” you may fall behind in the race toward cybersecurity.

Fraudsters may trick or manipulate employees to ma

ke errors, creating residual cyber risk – not detected or prevented by cybersecurity measures.

To be on surer footing, reach out to a specialized cyber insurance broker and cyber insurance carrier to ensure that you transfer your residual cyber risk for financial protection from cyber losses.

Hackers, Fraudsters, and Scammers

Since the COVID-19 Pandemic began, hackers, fraudsters, and scammers have focused extraordinary attention on potential cyber vulnerabilities -- whether for espionage or grift.

Once again, we see that cybercriminals have no shame or moral compass.

Wired reports on how hackers have set their sights on the long-awaited vaccines with a new round of sophisticated phishing attacks, focused on the complex supply chain that will get vaccines into people’s arms.

According to a report from IBM X-Force, a worldwide spear-phishing effort is underway targeting company executives at companies involved with the refrigerated supply chain infrastructure needed for COVID-19 vaccine distribution,

As discussed in our previous article, trucking and freight forwarding companies face cyber exposures that can overshadow the other losses, such as cargo theft, met in their day-to-day operations.

Cyber Risk to the COVID-19 Vaccine Cold-Chain

Our recent article on Third-Party Risk discussed how your business needs to ensure that third parties, such as business partners, suppliers, and vendors, are maintaining adequate cybersecurity levels. Logistics companies need to conduct vendor risk management assessments to confirm the cyber hygiene of vendors and suppliers.

Even with cybersecurity in place, hackers gain access to your computer systems and networks by tricking or manipulating your employees via social engineering.

Savvy fraudsters know how to manipulate our sense of trust when they produce these scams. People inside the company give bad actors access by providing login credentials based on fake phishing or spear-phishing emails, text messages, or phone calls—employees transfer money to fake bank accounts based on instructions in emails sent by imposters. Staff clicks on malicious links releasing malware into your network.

IBM reports that cybercriminals using precise spear-phishing targets indicate cyber espionage by nation-states more than simply monetizing cyberattacks by hackers.

Security researchers at IBM released findings that this campaign has targeted a significant number of those companies across six different countries for months.

“This activity took place in September, which means that someone’s looking to get ahead, looking to be where they need to be at the critical moment,” says Claire Zaboeva, a senior cyber threat analyst with IBM Security X-Force. “It’s the first time we’ve seen that level of pre-positioning within the context of the pandemic.”

IBM stresses the need for an incident response plan for the cold-chain supply chain, pre-tested, and ready to go if attacked.

Loss Prevention Action Steps

  • Train staff regularly on spotting potential threats and malicious emails. Most data breaches and ransomware attacks are caused by human error in fraudulent, spoof, or phishing emails. Identifying threat actors is key to breach prevention.
  • Regularly backup sensitive and critical data and utilize unique password protection for granting authorized access to data and systems. In many ransomware events, computer systems can be wiped and restored with no ransom paid and minimal impact to operations.
  • Enable remote system wiping on mobile devices and computers for when items are lost or stolen.
  • Enforce secure, unique passwords and regular changes, including on firewalls and routers. Do not allow the use of default passwords on IoT devices.
  • Include IoT
  • Implement network-level security to authenticate individual IoT devices.
  • Use multi-factor authentication (MFA) for remote access to Microsoft365 products. Fraudulent emails often trick employees into entering their login credentials. Using MFA can prevent outside threat actors from obtaining this data, even if they have your password.
  • Use 2-factor authentication (2FA) for wire transfers over a certain monetary threshold and international funds transfers (whether you conduct offshore trade). Threat actors often exploit when key personnel are out of the office (e.g., on a long holiday weekend), making it more difficult to authenticate. Setting up clear authentication protocols for large or foreign transfers with your bank can help prevent or recover fraudulent wire transfers.
  • Third-party vendor risk assessments will help you ensure their cyber hygiene to prevent them from inadvertently allowing access to your systems.
  • Regular cybersecurity updates on all IoT devices should be part of your cyber due diligence.
  • Establish an Incident Response Plan (IRP) that includes Business Continuity and Disaster Recovery in the event of a breach. Your cyber insurance support network will help you with your IRP, with the goal being a prompt restoration of your business operations and systems with less financial impact.

Cyber Vigilance

Even if your business is “cyber vigilant,” you may fall behind in the race toward cybersecurity.

That is when you need the support network provided by a robust Stand-Alone Cyber Insurance policy. An Incident Response Team, and highly-qualified cyber claims professionals, will be laser-focused on stopping a cyber invasion, preventing further loss, detecting the root cause of the cyberattack, and then mitigating the loss to reduce its impact.


  • Cybersecurity measures are an essential part of your cyber risk management, but they are only as effective as the weakest link in your supply chain.
  • Prevention, detection, and mitigation require due diligence in planning and preparing for a cyber incident involving a data breach, ransomware attack, denial of service attack, fraudulent wire transfer, or fraudulent invoice manipulation.
  • If your cybersecurity measures fail to prevent a cyber incident, you will benefit from having transferred any residual cyber risk to a Stand-Alone Cyber Insurance Policy, most notably:
    • An Incident Response Plan (developed in collaboration with your cyber insurance carrier) will provide you with a team of specialists to guide you through a cyberattack response.
    • An Incident Response Team, and highly-qualified cyber claims professionals, will be laser-focused on stopping a cyber invasion, preventing further loss, detecting the root cause of the cyberattack, and then mitigating the loss to reduce its impact.
    • Protect your financial viability and bottom line after a cyber loss.

Reach out to a specialist cyber broker, such as Cyber Armada Insurance, to request innovative and robust cyber solutions appropriate for your needs and cyber risk tolerance. We understand the evolving demands and expectations of cyber insurance clients.

Today, contact Cyber Armada to examine how your company faces potential financial losses from business interruption caused by a ransomware attack. Contact us at 888.727.6232.

Next Article

Please watch for our next article on cyberattack vectors.

This article is made available for informational purposes and is not intended to be a substitute for professional or legal advice. No attorney client relationship is formed or implied between you and the authors(s) or Cyber Armada Insurance.

Topics: Covid-19 3PL Supply Chain Incident Response Plan

Cyber Armada Team
Posted by Cyber Armada Team on Jan 18, 2021

Apply for Cyber Insurance Online

Answer a few questions online and Cyber Armada will design a cyber insurance policy tailored to your particular needs.

Apply Online
Apply for Cyber Insurance
Schedule an appointment with Cyber Armada

Can we talk?

We're ready to talk when you are. You can schedule an appointment to speak with a representative from Cyber Armada when it is most convenient for you. Whenever possible we use online meetings to increase productivity and increase the amount of time we can spend with you. We use Zoom Meetings as our preferred video conferencing platform.

Schedule Appointment