Federal Government Issues New Warnings About Cybersecurity Threats During Pandemic
There are plenty of factors your business must consider with a new lens in light of the coronavirus pandemic, and your cybersecurity is a big part of it. The Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security is keeping tabs on the threats individuals and organizations are encountering during the pandemic and offering ways to keep yourself out of harm’s way.
Advanced persistent threat (APT) groups are using the COVID-19 pandemic as part of their cybercriminal activities. These threat actors will masquerade as trusted entities and use coronavirus-themed phishing messages or malicious applications to warn you or your organization has been compromised. They hope for espionage or “hack-and-leak” access for entities that fall for their schemes.
Along with phishing, cybercriminals and APT groups are using:
- Malware distribution, using coronavirus- or COVID-19-themed lures;
- Registration of new domain names containing wording related to coronavirus or COVID-19; and
- Attacks against newly — and often rapidly — deployed remote access and teleworking infrastructure.
Cybercriminals are relying on basic social engineering methods to entice a user to carry out a specific action. These actors are taking advantage of people’s curiosity and concern about coronavirus to persuade them to click on a link or download an app that may lead to a phishing website, or download malware, including ransomware.
For example, a malicious Android app claims to provide a real-time coronavirus outbreak tracker, but instead attempts to trick the user into providing administrative access to install “CovidLock” ransomware on their device.”
Another type of attack persuades users to open a file, such as an email attachment, that contains malware. These include email subject lines that contain COVID-19-related phrases like “Coronavirus Update” or “2019-nCov: Coronavirus outbreak in your city (Emergency).”
While the above is a classic example of phishing via email, many phishing attacks are shared via text message (SMS) as well. Coronavirus-related phishing offers financial incentives including government payments and rebates as part of the lure. FOr example, a series of SMS messages uses a UK government-themed lure to harvest email, address, name and banking information.
For organizations with rapidly deployed new networks, including VPNs and related IT infrastructure, cybercriminals are attempting to exploit a variety of publicly known vulnerabilities in VPNs and other remote working tools and software. Known vulnerabilities affecting VPN products from Pulse Secure, Fortinet and Palo Alto continue to be exploited.
This is just part of the most recent alert issued by the CISA to help individuals and organizations best protect themselves from malicious cyber actors who want to take advantage of the worst possible scenario. There are plenty of ways you can protect yourself, and you don’t have to do it by yourself. Contact 2W Tech today to get started with your Cybersecurity Compliance Program and let our IT consultants do the work for you.