We’re witnessing a phenomenal solidarity of people around the world stepping up during the global emergency of Covid-19. Apparently, cybercriminals waste no time to exploit it to their advantage. The number of coronavirus-themed scams and security incidents related to it has been steadily increasing over the last couple of months. Hackers are preying on people’s fears, spreading disinformation, and monetizing panic.
“This may be the most dangerous time to be online,” says Daniel Markuson, a digital privacy expert at NordVPN Teams. “And those least informed are in most danger. Hackers are exploiting very real fears about the coronavirus through fake emails and scam websites. People are giving up private information and downloading malware without a second thought.” NordVPN Teams is a cybersecurity solution for business from the world’s most advanced VPN service provider NordVPN.
The following are the most common coronavirus scams and security incidents:
Emails from “health authorities.” When Covid-19 was just ramping up, cybercriminals were already on it. Pretending to be health officials, they sent out emails with instructions on how to prevent coronavirus infection. These instructions, disguised as PDF, mp4, docx files, contained malware, which harvested sensitive data or took over infected devices. “That’s the granddaddy of coronavirus scams,” says Daniel Markuson. “Fake emails from WHO, CDC, and other health authorities have been circulating since January, containing malware or phishing scams instead of life-saving information.“
Fake coronavirus maps. A black world map with expanding red dots. The now-famous Johns Hopkins University map is a source of much-needed information that is accessible to all. Hackers used Johns Hopkins University data to create malware-ridden apps and spread them all over the web to unsuspecting users. This resulted in cybercriminals gaining access to people’s phone cameras, microphones, and text messages.
An ecosystem of scam websites. Every day sees the launch of a thousand fraudulent coronavirus websites. They host phishing scams, distribute malware, or sell non-existent cures and supplements. “Covid-19 and coronavirus-themed websites are growing at an exponential rate,” says Daniel Markuson from NordVPN Teams. “Among them, there’s a large number of suspicious or outright malicious websites.”
Covid-19 weaponized in cyberwarfare. In February, an email went viral in Ukraine. Supposedly coming from the health ministry, it reported new coronavirus cases in the country, sparking violent protests and clashes with the police. The email was fake, and it came from outside of Ukraine. Russia is among the suspects because, as the email went viral, its state-sponsored hackers attacked Ukrainian targets with malware hidden in Covid-19 documents. And that’s just the tip of the iceberg. South Korean and Vietnamese cybersecurity firms reported coronavirus-themed attacks coming from North Korea and China, respectively. In India, a Pakistani-sponsored agent used a decoy health advisory document to collect sensitive information from Indian institutions.
Cyberattack on the US Health and Human Services Department. On March 15, cyberattackers tried to overload the Department’s servers with a DDoS attack (an attempt to flood and crash a service with superfluous requests). The Department's servers suffered millions of hits over several hours, but this failed to make a dent in its systems. US officials suspect that the attack came from foreign actors. “No worse time than a global health emergency to DDoS the Health Department. Ethically, this is one of the worst things you can do — it could’ve cost lives,” says Daniel Markuson, the digital privacy expert at NordVPN Teams.
The virus of the mind. Hackers know that scared people tend to make irrational decisions. This is exactly why cybercriminals have been using coronavirus conspiracy theories to grab attention and exploit fear. By claiming to have a secret coronavirus cure or a new vaccine against Covid-19, they use social engineering to extract confidential data or bait users into downloading malware. “Not a piece of cybersecurity advice, just a general one — check your sources and prioritize what health authorities and healthcare professionals say over anything else.”
Thanks to NordVPN Teams for putting this information together, and to Today's Caregiver, for distributing it.
NordVPN Teams offers a full range of features to ensure convenience and powerful digital protection for small and medium enterprises, freelancers, and remote teams through advanced 256-bit encryption, including ad and malware blocking, unsecured traffic prevention, automatic connection on Wi-Fi networks, and 24/7 customer support with a dedicated manager.
No comments:
Post a Comment