The Coronavirus (COVID-19) pandemic is increasing tremendously and disrupting the global health at large extent, in addition to the damages to economics, social and political systems. More importantly, the digital world is also on the verge of destruction because, due to this menace, the people at large scale are compelled to work remotely and doing so will make them rely heavily on remote communication and digital tools. The cyber attackers are capitalizing this situation and attempting to compromise the confidentiality, integrity, and availability of data.
The Cynet has discovered that Corona virus has a significant impact on the information security and threat actors are actively exploiting these crises. Currently, cyber attackers are using two main trends: malicious E-mail attacks and attacks on credentials of remote users.
Malicious E-mail Attacks
All businesses are instructed to run their operations remotely unless the corona virus is settled completely. Now, employees would rely heavily on E-mail communication. The Cynet revealed that 21% of E-mails included malicious attachments with more advanced capabilities such as redirection to malicious websites or malicious Macros and exploits.
The situation in Italy is even more worse than many other countries. Employees are working from home. Security teams aren’t fully operational and general atmosphere of uncertainty is creating the ideal condition for threat actors to use social engineering, phishing, and weaponized E-mails.
Compromising Users’ Credentials Remotely
As said before, employees are instructed to work from their homes to ensure business continuity. To this end, they use devices to establish remote connections. In previous cases, the security professionals working in the Security Operation Center (SOC) were taking preventive and security measures to stop and prevent cyber-attacks. Currently, they are out of SOC and there are great chances of data breaches and cybercriminals are capitalizing this situation.
High-dependency on Digital Infrastructure
Today, due to the Corona virus pandemic (COVID-19), social interactions and information propagation are swiftly being confined to the digital means such as voice calls, video calls, and text messages. For instance, the government of the UK has made digital “the default mode of communication.” They instruct citizens to use government’s official websites for updates. In the meantime, they also instruct citizens to avoid believing phones-based services especially those asking for sensitive information or other requests.
Recently, cybercriminals attacked the U.S Department of Health and Human Services and Corona Virus statistics website: worldometers.info with nefarious purpose of disrupting information flow and operations.
Exploiting Uncertainly and Fear
Uncertainty and fear are the biggest weaknesses of human beings. In this particular Corona pandemic plight, people are more likely to commit mistakes than they would not have made otherwise. Stress can lure you into taking actions, such as clicking on the malicious links incorporating so-called preventive measures against Corona virus, and these actions can be detrimental to the privacy of critical data and information. Recently, the hack news reported an attack whereby a piece of malware was hidden in the map that was displaying Corona virus (COVID-19) statistics. The map was stored on the malicious application and downloading it was posing huge damage to the sensitive information such as banking details, military secrets, or social security numbers.
Though Corona virus crises are serious, yet you should avoid becoming the victim of cyber-attacks due to this menace. Below is the list of some preventive measures with regard to Coronavirus and cybersecurity:
- Don’t rely on unofficial websites. Only trust official websites of the healthcare department of your respective country.
- Stay tuned with the latest updates from the World Health Organization (WHO). Don’t become victim to the scammed WHO website. For WHO Coronavirus disease (COVID-19) advice for the public, visit WHO Official website: https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public
- Don’t trust phone calls asking for sensitive information in order to make you preventive against Corona Virus.
- Avoid visiting phishing E-mails including maps or other attachments with regard to Coronavirus.
- Use E-mail spam filters of other renowned information security suites such as Security Orchestration, Automation, and Response (SOAR) and Security Information and Event Management (SIEM). Logsign SIEM is the trustworthy and next generation security suite that can save you against the Corona-related and other types of cyber threats and attacks.