Security officials from the UK and US have revealed that a growing number of cybercriminals and other malicious groups are exploiting the coronavirus outbreak for their own personal gain.
In a recently published joint advisory, the UK’s National Cyber Security Centre (NCSC) and the US Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) warned that cybercriminals and advanced persistent threat (APT) groups are now targeting both individuals and organizations with a range of ransomware and malware.
Some examples of these scams include emails containing malware which appear to have come from the Director-General of the WHO as well emails which claim to offer thermometers and face masks to help fight the pandemic.
The agencies have also detected cybercriminals scanning for vulnerabilities in VPN software and remote working tools that more people are relying on as they work from home during the outbreak.
Coronavirus cyber threats
As of now, the agencies have not seen overall levels of cyber crime increase but they are seeing a growing use of Covid-19 related themes by malicious cyber actors.
The techniques used by these attackers prey on people’s appetite for information about the outbreak with phishing emails and SMS messages using the virus as a lure to trick people into revealing their credentials or downloading malicious software.
The NCSC and CISA have also observed cybercriminals scanning for known vulnerabilities in remote working tools and software which shows that they are looking to take advantage of the surge in people now working from home. So far cybercriminals have tried to exploit the increased use of video conferencing software by using phishing emails with attachments naming legitimate software to trick users into downloading malicious files.
Director of operations at the NCSC, Paul Chichester explained in a blog post that individuals and organizations should remain vigilant to the increased number of online threats, saying:
“Malicious cyber actors are adjusting their tactics to exploit the COVID-19 pandemic, and the NCSC is working round the clock with its partners to respond. Our advice to the public and organisations is to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as UK Government, Public Health England or NHS websites.”
It is expected that the frequency and severity of coronavirus-related cyberattacks will increase over the coming weeks and months, so now is not the time to let your guard down.
- Also check out our complete list of the best VPN services