• Advertise
  • Contact Us
  • Supplier Directory
  • SCB YouTube
  • About Us
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Parcel & Express
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Robotics
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Customer Relationship Management
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • Green Energy
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • Sourcing/Procurement/SRM
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Management & Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Warehouse Automation
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • WHITEPAPERS
  • VIDEOS
Home » Blogs » Think Tank » For Cybercriminals, COVID Is the Gift That Keeps Giving

Think Tank
Think Tank RSS FeedRSS

For Cybercriminals, COVID Is the Gift That Keeps Giving

Health and Safety
Photo: Bloomberg
March 11, 2021
Nadir Merchant, SCB Contributor

COVID-19 is the gift that keeps on giving — to cybercriminals.

First, the shift to remote work opened millions of new entry points to company systems, via unsecured home networks and personal devices. Now, as vaccine distribution picks up in the U.S., cybercriminals are disrupting the vaccine supply chain.

Some attacks may be forms of state-sponsored espionage to steal sensitive data from research institutions and pharmaceutical companies. But the majority of these cyberattacks are for the same reason as usual: profit.

In recent weeks we’ve seen a significant uptick in ransomware attacks in the transportation and cold storage sectors. Hackers are going after companies involved in the supply-chain process, such as producers of dry ice.

It's critical for all components of the vaccine supply chain, from pharmaceuticals to logistics, to protect themselves against cybercrime. Organizations need to invest in the proper security measures now, or risk the vaccine's safe delivery, the cost of ransomware and their brand reputations.

Threats to the COVID-19 Vaccine Cold Chain

With supply chains under intense pressure to deliver vaccine doses, cybercriminals have the opportunity to score big payouts. And these hacks are part of a larger trend: Supply-chain cyberattacks surged 430% in the past year.

The top security threat of 2020 was phishing attacks. Phishing has increased more than 600% since COVID-19 began, largely because it’s a cheap, easy and effective way for hackers to gain access to an organization’s data.

Phishing has been the biggest threat to the vaccine cold chain as well. IBM recently discovered a series of phishing attacks targeting those involved in vaccination storage and transport. Cybercriminals targeting the supply chain know that victims are more likely to pay the ransom if they need to get a sensitive product to market on time and in good condition.

As of February, 2021, the U.S. had administered 63.1 million doses of the vaccine, according to Bloomberg’s tracker. That’s a small fraction of the volume we can expect to see in the coming months. The U.S. has spent billions to secure hundreds of millions of doses from Moderna and Pfizer, expected to arrive through June and July.

With the supply chain already strained to deliver the current volume of vaccine doses, organizations need to invest in proper security efforts to minimize further disruption and scale effectively.

Three Ways to Strengthen Security

Organizations in the vaccine supply chain should implement the following measures to protect themselves against phishing and ransomware attacks:

Automated e-mail phishing defense solutions. These use machine learning to prevent malicious e-mails from reaching inboxes across an entire network. They can also alert recipients to messages that look suspicious or quarantine emails for I.T. teams to investigate.

These technologies can protect against both phishing and spear phishing, which is a targeted form of phishing that includes more personalized phrasing and calls to action. In one example IBM uncovered in its investigation, hackers sent e-mails impersonating executives at Haier Biomedical (a legitimate participant in the vaccine distribution chain). The e-mails contained requests to place an order with the recipient’s company, and included an attachment containing malware.

Though automated phishing defense solutions are critical, they are most impactful when combined with regular, effective cybersecurity training. Every employee involved at any level of the supply chain should be able to spot the signs of a phishing e-mail and understand which procedures to take to alert their I.T. team.

Strong identity and access management (IAM). These solutions enhance login security. They enable businesses to control user access to sensitive information, decreasing the risk that stolen credentials will result in access to hackers.

IAM also includes systems such as single sign-on (SSO) and multifactor authentication (MFA), providing the ability to securely store identity and profile data. SSO enables users to sign on once to access all their working web applications, and is often integrated with MFA to verify identity beyond a username and password. These tools can apply to cloud applications, desktop logins, VPNs and more.

Both IBM and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) discovered attacks intended to steal the network login credentials of corporate executives at companies involved in the COVID-19 supply chain. IAM makes it more difficult for cybercriminals to use a phished password or engage in credential stuffing, and can alert I.T. of suspicious login activity.

Given that 29% of security breaches involve stolen credentials, IAM is a critical component of any security framework. Additionally, you’ll need to educate employees on password hygiene to prevent the use of duplicate or simple passwords.

Frequently tested data backup and recovery software. A multilayered data backup strategy is an important fail-safe in the event of a successful cyberattack. Robust backup solutions protect data and can restore it quickly, reducing possible downtime. An automated data backup strategy is the safest and easiest approach, mitigating the risk of human error. Back up your data every 24 hours for optimal protection, or once a week at a minimum.

Ransomware attacks can infect backups as well, so it's recommended you follow the 3-2-1 rule: three copies of your data, on two different types of media, and one version stored off-site. This might sound obvious, but it’s vital to test your data backups. Too often, organizations only realize their backup solution doesn’t work after they need to recover their files.

An intelligent backup system that employs predictive analytics and machine learning technology can also detect the presence of anomalies and conditions typical of ransomware attacks. The system can then alert administrators of abnormal fluctuations so that your organization can respond quickly and restore to the most recent secure backup.

Security is integral to our nation's recovery. The health of our people and economy depends on the safe and efficient distribution of COVID-19 vaccinations. Organizations involved in the vaccine supply chain need to adopt strong cybersecurity approaches that include multilayered protection against threats like phishing and ransomware. Adopting these security measures offers protection from immediate threats targeting the vaccine supply chain, and sets up your organization for a more secure future.

Nadir Merchant is general manager of IT Glue, a Kaseya company.

Technology Supply Chain Security & Risk Mgmt

RELATED CONTENT

RELATED VIDEOS

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Featured Product

Popular Stories

  • 005_veteran_winemaker_gallo_embarks_on_an_ai_journey_v2-(540p).jpg

    Watch: Veteran Winemaker Gallo Embarks on an AI Journey

    Artificial Intelligence
  • SCB_Q326_Made4Net_Top5_THUMB.jpg

    Five Costly WMS Selection Mistakes Warehouse Leaders Keep Making

    Logistics
  • A container ship with cargo docked at the Port of Charleston

    Port of Charleston to Pause Operations at Leatherman Terminal

    Global Gateways
  • Stacks of blue shipping containers in a shipyard

    Why 2026 is Testing Global Supply Chains Like Never Before

    Global Supply Chain Management
  • Flags for China and the European Union juxtaposed against each other

    EU and China Agree to Three Months of Trade Talks

    Global Supply Chain Management

Digital Edition

2026 esg cover main scb q2 2026 cover

SupplyChainBrain 2026 ESG Guide: ESG — The Supply Chain’s Biggest Secret

VIEW THE LATEST ISSUE

Case Studies

  • Recycled Tagging Fasteners: Small Changes Make a Big Impact

  • A GRAPHIC SHOWING MULTIPLE FORMS OF SHIPPING, WITH A HUMAN STANDING AT THE CENTER, TOUCHING A SYMBOLIC MAP OF THE WORLD

    Enhancing High-Value Electronics Shipment Security with Tive's Real-Time Tracking

  • A GRAPHIC OF INTERLACING HONEYCOMBED ELEMENTS REPRESENTING GLOBAL BUSINESS TRANSACTIONS

    Moving Robots Site-to-Site

  • JLL Finds Perfect Warehouse Location, Leading to $15M Grant for Startup

  • Robots Speed Fulfillment to Help Apparel Company Scale for Growth

Visit Our Sponsors

4flow Arkieva Blue Yonder
Carton Cloud CoEnterprise Dassault
Duravant E2Open EPG
General Logistics Systems GEP Hy-Tek
iGPS Korber Lyngsoe
Procurability Quinyx SAP
Sikick Staples Systech
S&P Global Mobility TADA Tive
TransImpact US Bank Werner Enterprises
WSI
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Email Preferences
    • Newsletters
  • Resources
    • Events Calendar
    • 2026 Event Coverage
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2026 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing