There is no doubt that COVID-19 has created fear, panic, and uncertainty among the public, but it has also opened new possibilities for hackers to increase cyber-attacks using different approaches. According to reports in the last few weeks, hackers are taking advantage of the current situation to spread fake news about important information related to government notices, school closures, health risks, etc.
Recommended Read: Top 7 commands for Linux Network Traffic Monitoring
Also Read: SpeedTest-CLI: Run network speedtest on Linux CLI
Plus, the majority of the employees working remotely from homes may become easy targets to such scams while downloading emails or accessing information through their personal devices. The best defense for protecting and safeguarding your website and system against the rising cybercrimes is to install SSL certificates.
Cyber-attack threat growing with Coronavirus fear
With the growing number of Coronavirus cases across different countries in the world, many organizations have now turned to dashboards to keep track of this pandemic. However, hackers have also started coronavirus maps for injecting malware into the computers to steal personal information such as passwords, user names, credit card numbers, etc. In addition, most hackers have started creating websites to prompt users for downloading applications for tracking COVID-19 which may be a ploy to attack your systems.
According to the cybersecurity firm, Kaspersky cyber attackers are misusing content from government agencies such as CDC in the US and WHO to spread false information about Coronavirus through phishing emails and malware.
Coronavirus related malware in the APAC region
Bangladesh- 93
China-40
Phillipines-53
Vietnam-23
India-22
Malaysia-20
CNBC reports that almost 36% of senior-level executives of large companies have expressed their growing concerns regarding the rising threat of cyberattacks in the wake of Coronavirus. Online scammers and hackers are creating panic among individuals and tricking them to share their personal information. Companies and individuals need to safeguard their information by being aware of what they are clicking online. Most of the hackers are exploiting the disease to steal valuable data and information from users.
Types of hacking threats emerging due to COVID
Cybersecurity experts have identified some of the new threats affecting different industries where fake domain names have been used in many instances. As per some of their reports, more than 50% of the domain registrations associated with Coronavirus comprise some kind of malware. Moreover, with an increasing number of employees working from home, the company-related data is also prone to such cyber thefts.
- Malware campaigns
FireEye, a cybersecurity company based in California reported an upsurge in spear-phishing campaigns through hackers based in China, Russia, and North Korea for spreading malware. Similarly, other cybersecurity companies such as CheckPoint Software found plenty of Coronavirus disinformation campaigns targeted at individuals and enterprises.
There was another campaign comprising of Microsoft Office themed document that was supposed to have come from the Ministry of Health, Ukraine. This campaign was misleading as it contained malicious content instead of information related to Coronavirus. IBM security’s X-Force discovered another campaign targeted at Japan where users received emails from welfare organizations in the disguise of official emails announcing the outbreak of COVID.
The text was intended at installing Emotet, a popular malware used for stealing financial information by using a compromised code into the Windows device.
- Financial frauds and scams
Mimecast, a cybersecurity firm reported a scam where taxpayers received suspicious emails where they were asked to make their tax returns online during the outbreak of Coronavirus. These agencies provided false assurances to taxpayers by assuring them of extra money or refunds at the click of the button. Moreover, they would be taken to fake government websites where they would be required to furnish all their financial information. As per some of the reports, cybercriminals are creating multiple coronavirus related websites on a regular basis. These sites are primarily used for phishing attacks, distributing malware or involved in financial frauds.
- Healthcare industry
There was a fake email that was supposed to have come from the Centers for Disease Control and Prevention enticing individuals to click on links that comprised of malware. Kaspersky reported of such emails circulating and asking people to make contributions towards Coronavirus vaccine research.
They even requested donations to be made through bitcoins and surprisingly the address nor the signature looked suspicious at all. With fake news and information affecting the healthcare industry amidst the COVID scare, it’s crucial for healthcare providers to have SSL encryption for their website. This is mainly because patient information is more vulnerable to growing cyber threats in the existing situation.
In addition, most healthcare organizations need to comply with HIPAA (Health Insurance Portability and Accountability Act) which requires them to keep patient information safe and secure. Plus, all information related to patient medical history and diagnostic tests are sensitive and confidential that needs to be protected from misuse by hackers.
New cybercrime threats continue to emerge
Malware gangs use COVID emails to lure users to download their malware which now includes state-sponsored hacking groups which are now following similar tactics. As a result, UK based National Cyber Security Center started sending alerts to users regarding the increase in COVID email phishing campaigns. In addition, there are new domains with coronavirus terms emerging daily. A security researcher-DustyFresh who has been regularly tracking these domains found about 3,600 domains that comprised of the term-Coronavirus. Although some of them were genuine sites, the rest of them have been used for malware distribution including online scams regarding COVID vaccines and supplements.
Conclusion
Coronavirus is drastically changing the economy right from stock market crashes, job losses and having an adverse impact on people’s lives in all possible ways. However, one aspect which remains overlooked is the increasing number of cyberattacks in the form of malware or fake emails spreading the fear of COVID among the public. Hence organizations need to step up their efforts to ensure all their systems are in place and confidential data is protected using reliable encryption methods to prevent any hacking attempts.
Companies must introduce strict protocols for their company wide employees working remotely from their homes with strict verification process,before providing access to their systems to avoid compromise of confidential data.