While the COVID-19 outbreak, caused by the new coronavirus (SARS-CoV-2), is bringing the global economy to a grinding halt, cybercriminals are attempting to exploit the growing uncertainty and fear for their personal gain.
The COVID-19-related cyber-crimes are conducted through various media, and they target both the private and the public sector. Unless cybersecurity experts fight them with the same sense of urgency as policymakers and medical professionals fight the virus itself, they could dangerously hamper the efforts to stop the pandemic.
Additional Reading: Why a 24×7 SOC is an Essential Component to Your Cyber Security Program
Threats on All Fronts
Even though some governments are still coming to terms with the monumental task ahead of them, cybercriminals have already launched offensive campaigns on all fronts.
Here are the 3 main forms of cyber attacks criminals are using to prey on consumer fears:
- Phishing Attacks
- Malicious Websites
Due to their effectiveness and ease of implementation, phishing attacks and social engineering scams were among the first cyber-crimes attempting to exploit the COVID-19 emergency. Since many businesses have adopted new work-from-home policies, hackers have been quick to exploit insecure home networks as well.
Typically, cybercriminals send fake email messages that appear to come from a trustworthy organization, such as a government agency or healthcare provider. These emails often contain various lure documents, whose purpose is to infect the victim’s computer with information-stealing malware.
After discovering that cybercriminals had been sending phishing emails with its name, the World Health Organization (WHO) issued a warning, advising all recipients of WHO-branded emails to verify the sender by checking their email address, check suspicious links, and be careful when providing personal information, among other things.
“Criminals are disguising themselves as WHO to steal money or sensitive information. If you are contacted by a person or organization that appears to be from WHO, verify their authenticity before responding,” states WHO on its website.
Similar warnings have also been issued by the US Cybersecurity and Infrastructure Security Agency (CISA), the UK’s National Cyber Security Centre (NCSC), the Canadian Centre for Cyber Security (CCCS), and New Zealand’s Computer Emergency Response Team (CERT).
Additional Reading: 4 Ways to Spot a Phishing Attack
Whereas panic-buyers have emptied toilet paper aisles in stores around the world, Check Point’s Global Threat Index shows that cybercriminals have been busy registering coronavirus-related domain names.
“In the past three weeks alone (since the end of February 2020), we have noticed a huge increase in the number of domains registered – the average number of new domains is almost 10 times more than the average number found in previous weeks,” explains the Israel-based software company.
We know that the sudden demand for coronavirus-related is caused in large part by criminal activity because data from Check Point reveal that coronavirus-related domains are 50% more likely to be malicious than other domains registered during the same period.
For example, cybercriminals on the prestigious Russian-language forum XSS can now purchase a malicious version of the map created by the Johns Hopkins Center for Systems Science and Engineering (CSSE). The malicious map sells for $200 (or $700 with a Java CodeSign certificate), and it can be used to deliver malware.
Additional Reading: 7 Ways to Prevent Cyber Attacks in 2020
Most cybercriminals are in it to make a profit, but some are interested in spreading misinformation and sowing discord. The impact of this criminal activity is difficult to quantify because it doesn’t directly impact the bottom line of businesses, organizations, and individuals. Instead, it causes panic, fuels racism, and promotes potentially dangerous home remedies.
The WHO calls the over-abundance of information—some accurate and some not—that makes it hard for people to find trustworthy guidance as an “infodemic.” The organization is trying to refute online myths with evidence-based information, encouraging official government entities and social media platforms to follow in its footsteps.
Unfortunately, government propaganda machines understand the power of misinformation in the times of crisis just as well as edgy cybercriminals who take pleasure in causing chaos. Recently, an EU monitoring team collected 80 examples of misinformation from pro-Kremlin media and claimed that its purpose had been to aggravate the public health crisis in the west.
The sophisticated nature of misinformation campaigns like this one, which relied mainly on the amplification of bogus news stories that originated from elsewhere, allows those who are behind them to avoid accusations and escape consequences of their actions.
Additional Reading: Top Cybersecurity Threats to SMBs in 2020
Be Aware of Coronavirus Cyber Crimes
COVID-19 is one of the most severe challenges humanity has ever faced, presenting a significant risk to individuals and organizations across the world. The activity of opportunistic cybercriminals can make this challenge even more difficult to overcome by destabilizing critical infrastructure and creating panic.