Hackers are using coronavirus fears to steal data and passwords
We are facing unprecedented disruption to business and everyday activities in the UK and all over the world as a result of the coronavirus outbreak. However, in modern times of crisis, it seems there will always be hackers looking to use the situation for financial exploitation.
Recent research has indicated that hackers across the world are playing on the world’s fears about coronavirus to gather private data and passwords. The COVID-19 pandemic has resulted in a surge in domain registrations related to the virus, which are 50% more likely to have malicious intent. The research was conducted by Check Point Software Technologies Ltd, last week but since then several high-profile cases have come to light.
COVID-19 Tracking Map Targeted
The interactive map for tracking the spread of the virus, created by John Hopkins University, was targeted by hackers selling malware. Recognised cybersecurity blogger Brian Krebs reported the case. The malware itself was designed for compromising the security of the map and infecting the devices of those who used it. To view the fake map, users are required to download software. The university is now aware of the malware that is impersonating the site and has warned those looking to use the map to trust only the COVID-19 tracking maps on the university’s website, as well as one create and maintained by ArcGIS.
Jill Rosen, a spokesperson for the university, said:
“If you receive an email containing a link to download such an item or come across the code for the malicious app please report it immediately to the Esri incident response team through ArcGIS Trust Center security concern page.”
University Students Targeted When Cancelling Classes
Students and staff members of universities are also at risk. One attack identified by San Francisco security firm, Abnormal Security, was an email scam with the email allegedly coming from the “health team” at the university. A link in the email would lead to a login page designed to look like the university system, which would then steal the user’s data and password.
Coronavirus related scams are broad. Many phishing campaigns are pretending to be from the World Health Organisation or claiming to have found a cure to COVID-19.
Rich Text Format (RTF) Attacks
Researchers from Check Point stated last week that they had discovered several hackers using RTF attacks disguised as coronavirus warnings against people working in the public sector in Mongolia. In this scam, when the target opens the rich text document, the malware attacks Microsoft Word. The attack looks to capture screenshots, download files and list files and directories. Researchers at Check Point said that this is a long-term operation which has targeted large organisations and governments all over the world. They wrote:
“This specific campaign was leveraging the COVID-19 pandemic to lure victims to trigger the infection chain.”
It is unclear what the intention behind this type of attack is. However, we still see persistent iterations of this type of scam.
How can we protect ourselves from hackers during the pandemic?
Cybersecurity experts have urged the public to be cautious during this challenging time. It is vital to adhere to standard cybersecurity best practice now more than ever. Examples given include being aware and cautious of what you click and not downloading attachments from suspicious emails.
The hackers are playing on the fears and uncertainties plaguing the public at the moment, tricking them into downloading the malware. However, Chief Information and Security Officer at SailPoint Technologies Holdings Inc. Charles Poff described how although the World Health Organization has declared a pandemic, and that global efforts are being made to work together, “online scammers are trying to exploit this uncertainty through phishing attempts and bunk domain names,”
Ben Read, senior manager of intelligence analysis at FireEye Inc. also united that Chinese hackers have used statements from political leaders as well as advice taken from public sources as the basis of attacks in Taiwan, the Philippines and Vietnam.
Experts believe that coronavirus leaves the public particularly vulnerable to attacks as a result of the global relevance of the pandemic. They said that it expected that we would continue to see opportunistic cybersecurity threats while the virus persists.
Technical Surveillance & Counter Surveillance Measures from 1st Call Detectives
If you are concerned about the cybersecurity of your business, we can help. Having our experts to test and audit the security of your website and other digital systems can make all the difference to your business.
We even use ‘ethical hackers’ to test the limits of your cybersecurity practices. Where our hackers can find weaknesses in your security, so can international cybercriminals. We offer a broad range of data security, privacy and encryption services. To discuss your needs with us and to receive a free quote with no obligation to continue, get in touch with us today.
@UKZak
https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/
https://ca.news.yahoo.com/hackers-using-johns-hopkins-online-224704794.html
https://www.businessinsider.com/chinese-hackers-exploiting-coronavirus-check-point-2020-3?r=US&IR=T