Coronavirus: Hackers targeted Covid vaccine supply 'cold chain'

According to the IBM security researchers, a global phishing campaign has been targeting organisations involved with the distribution of the COVID-19 vaccine since September of this year. The company states that the attacks appear to be focused at the ‘cold chain’ stage of the vaccine supply chain where the vaccine supply is kept at extremely low temperatures to retain potency during transportation and storage. These attacks were focused on organisations linked with Gavi, an international vaccine alliance, specifically those related to Cold Chain Equipment Optimization Platform (CCEOP). Those involved in the phishing attacks posed as executives from a legitimate Chinese company involved in CCEOP's supply.

Additional source:

Also in news: 
Pfizer/BioNTech vaccine docs hacked from European Medicines Agency
NCSC statement on European Medicines Agency (EMA) incident
US Cyber Security firm FireEye hit by 'State-Sponsored' attack

US cyber security firm FireEye has recently been hit by ‘a highly sophisticated threat attack’ that the company believes to be state sponsored. In a blog post, FireEye CEO Kevin Mandia wrote that 'the attacker predominantly sought information regarding certain government customers'. Mandia also stated that "company tools used to carry out testing on customer security had been stolen." The persons responsible for the hack are not yet known but the firm is working with the FBI to investigate the incident.

Additional Source: NCSC statement on incident affecting FireEye
Phishing Campaign Targets 200M Microsoft 365 Accounts

An extensive and organised phishing campaign is targeting over 200 million users worldwide, particularly those in financial, healthcare, insurance, manufacturing, utilities, and telecommunications sectors. The attackers are using domain spoofing as a means to make the emails appear as though they come from Microsoft Outlook, specifically the spoofed address These malicious emails are intended to steal user credentials and, as is common with phishing attacks, urgent language is used to trick users into clicking a link and entering their login details.
News from Warwickshire Cyber Crime Unit

The Warwickshire Cyber Crime Unit recently attended the scene of a giant cannabis farm containing 3,195 plants in an area near Coventry. The intention of the visit was to determine if there were any digital investigative opportunities, however, upon arrival the team also found what appeared to be a live server set up.

By having these cyber capabilities on hand, officers avoided any potential damage or loss of evidence that could arise during the evidence collection process. This is just one example of how diverse a cyber crime investigation can be. One officer involved in the case described the scene as ‘dirty and grubby work, in the dark surrounded by the remnants of the cannabis farm – miles away from the usual sterile and virtual world of cyber investigation.’ This is a great example of how traditional policing methods can be enhanced by new and innovative policing tactics.
Charity Fraud- Donate to Charities, Not Criminals

While the vast majority of charity appeals, collectors and sites are sincere, unfortunately, during the festive period some cyber criminals may take advantage of the publics giving nature and try to pocket your charitable donations for themselves. 

Figures from Action Fraud show that during last year’s festive period almost £350,000 of charitable donations fell into the hands of criminals. Cyber criminals, scammers and fraudsters can set up convincing ploys in order to deceive people into handing over money. These tactics can include setting up fake charities, impersonating real charities, creating false fundraising websites, phishing emails and vishing calls.

Giving to charity this season is as important and encouraged as ever but, as with all aspects of the cyber world, it is important to be aware of the risks and dangers. This way you can be sure your donations are going where you intended them to.

Cyber Tips for Safe Donating
  • Always make sure the charity you wish to donate to is genuine before giving any financial details. You can check if the charity is a registered organisation here: You can also check if the charity is registered to the Fundraising Regulator here: - Charities registered to the Fundraising Regulator have made a commitment to good fundraising practices.
  • If you receive a suspicious email that claims to be from a charitable organisation, do not click any links or attachments. It is also best practice to never answer unsolicited phone calls or text messages asking for personal and/or details, even if you have good intentions others may not.
  • Donating online can be a convenient way of giving, just be sure that the site is genuine. It is best to type in the site you are looking for, avoid clicking links to the site, even if they seem genuine. If you are unsure, contact the organisation directly.

  • Be vigilant when donating to online fundraisers. Some tell-tale signs of a fake fundraising page are bad spelling and poorly written content. If you want to donate to an online fundraiser, only donate to fundraising pages created by someone, or an organisation, you know and trust

    For more ways to protect yourself this holiday season, visit the NCSC's Campaign to help online Christmas shoppers fight festive fraud

Weekly Threat Report 
Additional NCSC Alerts & Reports: 
Patch Tuesday fixes 9 critical flaws, but Microsoft Teams vulnerability a bigger concern

Nine critical vulnerabilities have been address in Microsoft 'Patch Tuesday light'. Of these vulnerabilities three affect Microsoft Exchange Servers, two affect SharePoint (one of which allowed attackers to access a site and execute code remotely within the kernel), two affecting Microsoft Dynamics 365 and another two affecting Hyper-V and Chakra Core.
PlayStation Now bugs let sites run malicious code on Windows PCs

Security bugs within cloud gaming applications, PlayStation Now, allowed attackers to execute arbitrary code on devices running the vulnerable app versions. The vulnerabilities were found and reported by bug bounty hunter Parsia Hakimian who received a $15,000 bounty for his report.
Magecart Hijacks PayPal Transactions at Checkout Page

The malicious hacking group, Magecart, has been observed using credit-card skimming as a method of hijacking PayPal checkouts. The hackers used the script ‘’ in order to make the malicious process look legitimate.
Virtual Workspaces vulnerability exploited by malicious cyber actors

The NCSC has supported an NSA advisory detailing how state-sponsored Russian attackers have been exploiting a vulnerability in VMware products. Organisations are being urged to patch the vulnerability that would allow malicious cyber actors to gain access to protected data on an affected VMware system.
What can we offer you?
Get in Touch
Click here to subscribe to the Cyber Crime Sentinel Newsletter!
If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud 

Spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):

Alternatively you can call 0300 123 2040 for 
 report and get advice about fraud or cyber crime

Our lives are relying on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.
Registration for the CyberFirst Girls Competition 2021 is now open

The NCSC are working hard to get more girls interested in a career in cyber security. The CyberFirst Girls Competition provides a fun but challenging environment to inspire the next generation of young women to consider a career in cyber security.

The competition is a team event, with each one made up of 4 female students from Year 8 in England and Wales, Year 9 in Northern Ireland and S2 in Scotland.

Play the Winter Cyber Challenge, brought to you by the NCA for those UK residents age 18 years and under! 

Play each week throughout December (ends 31st December) for a chance to win an iPad Air or a 10.2in 32gb iPad!

The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2020 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp