Clicking on COVID-19 updates and virus “cures” is dangerous – cybercriminals prey on your anxiety
Various national leaders have been accused of responding too slowly to the coronavirus pandemic. But no one can level the charge of sluggishness at cybercriminals. Indeed, they have wasted no time in seeking to exploit the panicked situation. Time to upgrade your cybersecurity – and quickly.Our unquenchable thirst for fresh updates about COVID-19 mixed with the shift to home-working makes for a toxic potion. And drinking up purported cures online could be fatal in terms of being hacked.
“With people desperately looking for any new information on COVID-19, phishing campaigns are currently spreading across the web much like coronavirus itself,” says Edvardas Mikalauskas, a Senior Researcher at CyberNews, a respected source for cybersecurity updates. “During the outbreak, attackers have been emailing businesses with claims that the British and Chinese governments are trying to cover up the existence of an effective vaccine. Those gullible enough to open the attached file would be taken to a phishing website that collects their login details for malicious purposes.
“Other examples include malicious emails and text messages sent by phishers claiming to represent the Australian Medical Association and the World Health Organization (WHO), while others still claim to be from their human resources departments and executives.”
Given that COVID-19-infected bodily fluids are selling for just $1,000 (£850) on the Dark Web, it should be no surprise that cybercriminals will stop at nothing to take advantage of people’s anxiety about the incurable virus.
Andrew Tsonchev, Director of Technology at Darktrace, calls it “fearware”. He warns: “Fearware poses a greater challenge for defenders because traditional email security tools will block spear-phishing attacks that have been seen before but, crucially, each fearware campaign will be unique in its content, exploiting the latest trending topic.”
SOPHISTICATED PHISHING ATTACKS
The sophistication of the attacks is laid bare by Anton Ivanov, Vice President of Threat Research at Kaspersky. “Our detection technologies have found malicious files masked under the guise of pdf, mp4, docx files about the coronavirus,” he says. “The names of files imply that they contain video instructions on how to protect yourself from the virus, updates on the threat and even virus detection procedures.
“The truth is these files contain a range of threats from Trojans to worms that are capable of destroying, blocking, modifying or copying data, as well as interfering with the operation of computers or computer networks. As people continue to be worried about their health, we may see more and more malware hidden inside fake documents about the coronavirus being spread.”
- On its Second Anniversary let’s Redistribute GDPR fines to give a Brighter Future to Disadvantaged Schoolchildren
Elliott Thompson, Principal Cybersecurity Consultant at SureCloud, posits “a great deal of cybercrime is psychological. It’s about understanding people’s likely behaviours and fears at a time like this.”
The surge of home-working has increased the risk of being hacked, suggests Mr Thompson. “Cybercriminals follow the money,” he says. “If there’s a dramatic increase in the use of videoconferencing and other collaboration tools due to the rise of people working from home, then we’d expect to see criminals trying to target them.”
Concerningly, Apricorn research published in 2019 revealed that one-third of IT decision-makers admitted their organisations had suffered a data breach as a result of remote working. Moreover, 50 per cent were unable to guarantee that their data was adequately secured when being used by remote workers.
Stan Lowe, Global Chief Information Security Officer at Zscaler, says: “One of the things that criminals count on during a crisis is the relaxing of security and awareness, and these guys are the lowest of the low. It makes security awareness messaging for your employees and customers a critical component of your business continuity implementation process.”
He called for a front-foot approach by organisations, and adds: “Pro-actively developing mitigation strategies by looking for threats utilising insertion points related to the crisis, such as keywords, threats and feeds.”
EXPERT TIPS: BOOSTING CYBERSECURITY
“Getting the basics right is important. Train staff, update software, monitor network and device-level security, use trusted vendors, update incident response plans and check your cyber insurance cover.” James Walsh, Head of Cybersecurity at US and European law firm Fieldfisher
“Never let family members use your work laptop. Take the extra time to scrutinise every email. Only visit websites you are familiar with and use for business every day. If something seems off, trust your gut. It’s better to miss one email from your boss than to click on the link that sets a cyberattack in motion.” Matt Lock, Technical Director at data security experts Varonis
“One way to guarantee remote employees work in the best and safest way possible is to provide highly secure USB sticks that automatically hardware encrypt all information written to them. This action will enable workers to move data around safely, offline, from wherever they end up working.” Jon Fielding, Managing Director EMEA at Apricorn
“Around 45 per cent of UK businesses allow employees to use personal devices to access work networks and data. Without the right security, these devices can leave businesses vulnerable to hacking. At the same time, a company is also responsible for the data security of information processed via personal devices – if the information is leaked or breached through a personal device, the company will be deemed liable.” Daniel Milnes, an Information Lawyer at Forbes Solicitors
“Weak passwords continue to be one of the primary drivers for breaches on a global scale. Anyone working from home should be reminded about the need for strong passwords such as passphrases, as well as the use of password managers and multi-factor authentication. It’s also important to ensure that remote workers are using technology running the latest version of the operating system and applications.” Lance Spitzner, Director at SANS Security Awareness