Government cybersecurity agencies based in the United States and the United Kingdom recently issued a joint warning about hackers exploiting coronavirus pandemic anxiety to launch new online attacks, reported Bloomberg.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the U.K.’s National Cyber Security Centre (NCSC) issued an online threat alert about COVID-19 related phishing lures and remote working software attacks.
Moreover, the interagency warning noted both financially motivated cybercriminals and nation-state supported hackers are trying to take advantage of the global health crisis.
COVID-19 Related Cyber Threats
The CISA and NCSC’s coronavirus cyber threat update notes malicious cyber actors are using phishing emails to distribute malware. Commonly, hackers attempt to scam unsuspecting users by sending out messages purportedly written by the World Health Organization (WHO). Rogue operators will try to entice recipients with promises of free personal protective equipment.
The two agencies also stated hackers have taken to deploying malware and ransomware-laden emails purportedly offering information about COVID-19 outbreaks in the recipient’s home city.
The cybersecurity groups also warned that malicious operators are using stay-at-home orders to infect users’ systems. The CISA and NCSC pointed out the recent influx of remote workers has prompted hackers to look for vulnerabilities in videoconferencing and virtual private network (VPN) programs. Also, both organizations expect to see an increase in the “frequency and severity” of coronavirus themed cyber-attacks in the near-term.
Coronavirus Themed Cyber-Attacks Quadrupled in March
Bloomberg reported private cybersecurity groups agree with government findings that coronavirus themed online attacks are becoming more common. FireEye Inc. told the publication that hackers’ use of COVID-19 themed phishing emails quadrupled throughout March. The organization noted operators affiliated with the Chinese, North Korean, and Russian governments, and garden-variety cyber thieves contributed to the surge.
FireEye said both types of malicious cyber actors send out messages purportedly containing vital information about the disease. The cybersecurity group also said emails using conspiracy theory and fake coronavirus cure messaging are becoming more popular.
Furthermore, the organization stated hackers have started using misinformation about the U.S. government’s $2 trillion stimulus package in their malware deployments. Hackers are using subject lines like “COVID-19 Payment” to prey on unsuspecting American users. Similarly, cybercriminals are targeting Russian and Canadian citizens with ransomware-loaded emails promising “social compensation” and “Canada Emergency Response Benefit” payouts.
Last month, Reasons Cybersecurity reported hackers are using a fake live coronavirus map program to infiltrate users’ networks.
Cybersecurity firm CrowdStrike Holdings Inc. said a hacker group called Mummy Spider used a spoofed Kyoto public health center email address to target Japanese users in January. More recently, the collective has begun attacking citizens and medical organizations based in other countries.
Though unconscionable, criminals have always used times of crisis to further their ends. In the coronavirus pandemic era, thieves and saboteurs are using our need for up-to-date health and safety information to steal and destabilize. As such, users should get their news from reputable sources and practice good cyber hygiene to protect themselves.