A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak, security officials in the UK and USA have claimed.
A joint advisory published by the UK’s National Cyber Security Centre (NCSC) and US Cybersecurity and Infrastructure Agency (CISA) shows that cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organisations with a range of ransomware and malware.
“Examples of scams include emails containing malware which appear to have come from the Director-General of the World Health Organization (WHO), and others which claim to offer thermometers and face masks to fight the pandemic. Elsewhere the agencies have detected cyber criminals scanning for vulnerabilities in software and remote working tools as more people work from home during the pandemic. As well as alerting people to the threat, the advisory directs them to the support available to counter it. This includes the NCSC guidance on dealing with suspicious emails and on working from home securely.”
Paul Chichester, Director of Operations at the NCSC, said in a release:
“Malicious cyber actors are adjusting their tactics to exploit the COVID-19 pandemic, and the NCSC is working round the clock with its partners to respond. Our advice to the public and organisations is to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as UK Government, Public Health England or NHS websites.”
Bryan Ware, CISA Assistant Director for Cybersecurity, was quoted by the NCSC as saying:
“As the COVID-19 outbreak continues to evolve, bad actors are using these difficult times to exploit and take advantage of the public and business. Our partnerships with the NCSC and industry have played a critical role in our ability to track these threats and respond. We urge everyone to remain vigilant to these threats, be on the lookout for suspicious emails and look to trusted sources for information and updates regarding COVID-19. We are all in this together and collectively we can help defend against these threats.”
The techniques used by attackers prey on people’s appetite for information and curiosity towards the outbreak, with phishing emails and SMS messages using the virus as a lure to trick people into revealing credentials or downloading malicious software. Phishing attempts often come from what appears to be a trustworthy sender, such as the ‘World Health Organisation’, or with a subject line such as ‘2019-nCov: Coronavirus outbreak in your city (Emergency)’.
It is expected that the frequency and severity of COVID-19 related cyber attacks will increase over the coming weeks and months. You can read the full assessment here.