Even in times of crisis, we have to remain vigilant against cyber risks and make sure our security teams are ready to prevent, detect and respond to these attacks. Cybercriminals are alert to take advantage of massive global events and attempt to drive a wedge, spread inaccurate information, and make money. While COVID-19 itself presents a significant global security risk to individuals and organizations across the world, cybercriminal activity around this global pandemic can result in financial damage and promote dangerous guidance, ultimately putting additional strain on efforts to contain the virus. We’d like to share a few resources that have drawn attention to some cybersecurity attacks due to the spread of the coronavirus:
1-) Digital Shadows has explained the COVID-19-themed phishing scheme that the Russian-language cybercriminal forum XSS has advertised in February 2020.
XSS post on COVID-19-related phishing scam
2-) Recorded Future examined how risk-performing factors are utilizing the worldwide disturbances caused by COVID-19 to assist their cyber danger exercises. The research provides an understanding of cybersecurity risks that have arisen from the spread of COVID-19.
Graph showing the registrations of COVID-19-related domains per day in 2020.
3-) HelpNetSecurity highlighted the risk of the Western world being captured unprepared against security flaws due to their usage of online technology, computers, mobile phones, and emails due to a variety of coronavirus-related cyber scams and schemes.
Sophos researches are warning about malicious emails that Italian speaking victims are receiving:
Malicious email example that italian speaking victims are receiving during Covid-19
4-) The World Health Organization (WHO) has warned everyone to beware of criminals pretending to be WHO since hackers attempted to trick people into clicking on malicious links or opening attachments by taking advantage of the pandemic. If contacted by a person or organization that appears to be from WHO, the organization recommended verifying the authenticity before responding.
We hope you enjoyed our article. Check out our Vulnerability Management services to stay secure!