
News, emails and social media posts about Covid-19 get the most attention these days, and hackers are ready, willing and able to use this to their advantage. This is the time to rely only on trusted news outlets and not let fear lead you into falling for online scams, such as buying surgical masks, vaccines or tests from websites you don't know. This is where quality security awareness training comes in.


Just the other day we got a friendly but unsolicited email from an unknown person with the subject line "Ideas for businesses and employer’s workspace for a coronavirus (covid-19) outbreak avoidance". The email came with a short message stating that in the attached Excel document we’d find directions about spread prevention in the work environment. Needless to say, and thanks to good security awareness training, this attachment was not opened. But this is just one of the methods used by cyber criminals during this pandemic.

The forced digitization of the workplace

The Covid-19 pandemic forced many workplaces to digitize overnight. We predict that this will have a lasting effect on many workplaces. For most of us work life has changed, at least for as long as restrictions due to this pandemic last.


Industries that had prohibited remote work before this situation have been forced to digitize. This ranges from bankers and aerospace engineers to almost every teacher around the world. Another sector that has had to digitize even more than before is the health care industry, one of the most vulnerable in cyberspace. The importance of good security awareness training for these sectors has never been clearer. This is why Comtech has created ready-made quality security awareness training programs for both the finance and health care sectors.

Security awareness training while working from home

It’s always important to be careful online. Now that so many are working from home or simply staying at home, the internet has become one of the riskiest places to be. Hackers use our quest for news, information, entertainment and solutions during this pandemic to their advantage. There is no shortage of people who believe in the latest snake oil pitch or want to buy vaccines, tests or protective clothing. Some are simply unaware that a URL containing the word "covid" is not necessarily an official website with good information.


Many of these people are now working from home. At home, behavior is different than at the office and cyber security measures are lacking. Hackers have better access to these employees than ever before, which poses a great risk for companies. This is a great time for companies to offer quality security awareness training to their employees.

Hackers prey on pandemic fear

Coronavirus-related fraud is up 400%. Hackers are developing websites, apps, and tracking tools that claim to provide real-time information about the virus or promise financial assistance, corona testing kits and treatments. For those anxious for information, it’s easy to be lured to a fraudulent site and fall victim to a cyber attack. People who have received quality security awareness training are less likely to become victims of such scams.

Here are the biggest Covid-19 cyber scams and hacks we’ve heard of:

  • A well-established APT group unsuccessfully tried to hack the World Health Organisation (as if they didn’t have enough to deal with). The hackers reportedly used a malicious website that impersonated WHO’s internal email system in an attempt to steal passwords from WHO staff. Kaspersky has reported that similar web infrastructure has been used to target other health care and humanitarian organizations.
  • Hackers have been hijacking home routers and changing their DNS configurations. This is done in order to redirect users to malicious content that’s posing as a WHO alert. Web browsers display a false message urging users to download a COVID-19 information app that then steals their data.
    Hackers are thought to have been able to compromise home routers because their owners left remote access open or used weak passwords. This highlights the need to secure the home Wi-Fi, as one of our security awareness training videos recommends.
  • There seem to be no lengths hackers won’t go to during this Covid-19 crisis. At the end of March they launched a cyber attack on the Italian social security website. They forced it to shut down temporarily as the most vulnerable in society were starting their claims for a meager crisis payout from the Italian government. The hackers are thought to have exploited a weakness or flaw in the web application. They then launched a DDoS attack. If this is a professional cyber gang, they might continue their efforts in the hope of getting a ransom for stopping.
  • Hackers have reportedly also attacked a vaccine test center. The ransomware attack was performed by Maze, a leading cyber-crime gang that, days before, pledged not to attack healthcare and medical targets. Guess you can’t even trust criminals these days. Although the attack was repelled with no downtime for the Hammersmith Medicines Research facility, the Maze group did get away with some patient records and has already published some of them online.
  • Health care workers have also been targeted in a ransomware campaign that used the coronavirus as bait. This new and dangerous Windows ransomware attack, also known as NetWalker, starts with a general phishing attack. It has been aimed at people working in the healthcare sector.
  • In more positive news: Emsisoft is offering to help hospitals and healthcare providers hit by ransomware free of charge.

And this is just the tip of the cyber iceberg. On an individual level people are being scammed left and right, for instance with promises of divine cure in exchange for donations, or with offers of sold-out protective equipment, Covid-19 tests, vaccines and even hand sanitizers.

Quality security awareness training to combat disinformation

Over 2000 new phishing domains have been set up over the past month to capitalize on the surging demand for Zoom from home workers, according to new data from BrandShield. Over 100,000 domains have been registered containing the words covid, virus and corona. They can, for example, be used for phishing attacks that rely on social engineering, playing on people's fear or their wish to find a vaccine, or for ransomware attacks against hospitals.
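
The point about keyword-bearing domains can be turned into a triage check for hostnames seen in mail or proxy logs. The following Python is an added example, not code from Comtech or BrandShield; the allowlist of official domains, the sample URLs and the two-label approximation of the registrable domain are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Lure keywords named in the article, plus the Zoom brand it mentions.
KEYWORDS = ("covid", "corona", "virus", "zoom")

# Assumption: domains this organisation treats as official sources.
OFFICIAL = {"who.int", "zoom.us"}


def registrable_domain(host: str) -> str:
    """Approximate the registrable domain as the last two labels.

    Simplification: a production check should use the Public Suffix List,
    because suffixes such as co.uk have more than one label.
    """
    labels = host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def classify(url: str) -> str:
    """Return 'official', 'suspicious' or 'unrelated' for one URL."""
    host = urlsplit(url if "://" in url else "//" + url).hostname or ""
    if registrable_domain(host) in OFFICIAL:
        return "official"
    # A keyword or an official name inside a non-official host is a lure:
    # the name is decoration, only the registrable domain counts.
    impersonates = any(name in host for name in OFFICIAL)
    if impersonates or any(word in host for word in KEYWORDS):
        return "suspicious"
    return "unrelated"


# Constructed sample URLs (example.* names are placeholders, not real IoCs).
SAMPLES = [
    "https://www.who.int/emergencies",
    "http://who.int.covid-alert.example/app",
    "https://zoom-meeting-login.example.net/join",
    "covid19-testkits.example.org",
    "https://intranet.example.com/news",
]


def triage(urls):
    """Map each URL to its verdict, preserving input order."""
    return {u: classify(u) for u in urls}


if __name__ == "__main__":
    for url, verdict in triage(SAMPLES).items():
        print(f"{verdict:10} {url}")
```

The second sample shows why the check looks at the registrable domain: the official name appears at the start of the hostname, but the domain that actually receives the traffic is a different one.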

And then there is the dangerous spread of disinformation. A review of phishing attempts since the beginning of this year shows a rising number of attackers impersonating news outlets or journalists. For example, attackers impersonate a journalist to seed false stories with other reporters and so spread disinformation. In 2019, one in five accounts that received a warning was targeted multiple times by attackers. If at first the attacker does not succeed, they’ll try again using a different method or account.

The list goes on, and there is obviously no limit to how low cyber criminals will go for money.