Cold Storage Firm Reports Cybersecurity IncidentCompany Reportedly In Talks to Help With COVID-19 Vaccines
A cold storage firm that was reportedly in talks to help in the effort to distribute COVID-19 vaccines filed a Securities and Exchange Commission document on Monday saying that it's dealing with a cybersecurity incident that affected its network.
See Also: Healthcare Sector Threat Brief
Atlanta-based Americold Realty Trust says in its SEC 8K filing: “As a precautionary measure, the company took immediate steps to help contain the incident and implemented business continuity plans, where appropriate, to continue ongoing operations.”
Americold says it has notified law enforcement officials, cybersecurity experts and legal counsel.
“Security, in all its forms, remains a top priority at Americold, and the company will continue to seek to take all appropriate measures to further safeguard the integrity of its information technology infrastructure, data and customer information,” the filing notes.
News site BleepingComputer reports that the incident is believed to have involved ransomware.
Americold declined to comment further about the incident.
In October, logistics trade news site Air CargoWorld reported that Americold was in talks to partner with Chicago Rockford Airport for temperature-controlled storage used in the distribution of COVID-19 vaccines.
A source familiar with the situation tells ISMG that Americold’s niche is providing cold storage for food at up to minus 20 degrees Fahrenheit and that providing storage for COVID-19 vaccines that might require much colder temperatures was likely a longshot.
The cybersecurity incident affecting Americold comes as organizations involved with COVID-19 response - including hospitals caring for coronavirus patients, makers of personal protective gear and related equipment, and vaccine and treatment developers - have suffered ransomware and other attacks.
In recent months, government agencies in the U.S. and other countries have issued warnings about such attacks (see: U.S. Hospitals Warned of Fresh Wave of Ransomware Attacks).
In August, Boyce Technologies Inc., a New York-based manufacturer of transit communication systems that pivoted to building ventilators during the COVID-19 pandemic, was reportedly a victim of the DoppelPaymer ransomware gang (see Ransomware Reportedly Hits Ventilator Maker).
Last month, Philadelphia-based eResearchTechnology, which provides clinical trial oversight software to drug makers and testing firms, confirmed that it was recently hit by a variant of the Ryuk ransomware (see Ransomware Attack Hits Clinical Trial Software Vendor).
Vishwas Gadgil, director of pharmaceutical maker Merck's IT risk management and security organization, says the healthcare sector’s supply chain is facing a number of escalating threats as it deals with the COVID-19 pandemic.
“The suppliers of the big companies that are into COVID-19 research are not always capable of handling cybersecurity threats the way the large organizations can,” he noted in a recent ISMG interview. “The fear is that mass scale and successful attack on this drug supply chain can impact and delay the pandemic’s effects far beyond health and economic impact.”
Attacks such as the one on Americold demonstrate the potential of these incidents to cause disruption within the supply chain, says Brett Callow, a threat analyst at security vendor Emisoft.
“The advice to healthcare supply chain companies is the same as the advice to every other company: Ensure best practices are adhered to. That means using multifactor authentication everywhere that it can be used, disabling PowerShell when not needed, limiting admin rights, segmenting networks and patching promptly.”