Criminals Have Ramped Up Covid-19 Related Attacks

Uploaded on 2020-11-09 in TECHNOLOGY--Hackers, FREE TO VIEW

A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK are reporting. Over 25% of the cyber attacks that the UK's National Cyber Security Centre (NCSC) responded to were Covid-related, it says in its most recent annual report.  

The Report covers the period from September 2019 to August 2020, so the pandemic occupied an even higher proportion of the agency's efforts after the first lockdown began. In total there were 723 incidents of all kinds, marking close to a 10% rise on the previous period. Of those, 194 were Covid-related.

Some of the incidents related to countering nation-state attacks, but most were criminal in nature. The NCSC says that it countered 15,354 campaigns that had used coronavirus themes as a "lure" to fool people into clicking on a link or opening an attachment containing malicious software. Some involved fake shops selling PPE (personal protective equipment), test kits and even vaccines.

Vaccine Hackers: Protecting the NHS and health-related research has been a priority, the report said. In July, the UK accused Russia of trying to steal vaccine-related information through cyber-espionage. And officials said they had continued to see an "ongoing threat" of states targeting the vaccine research-and-delivery programme. The NCSC said it had scanned more than one million NHS IP (internet protocol) addresses to look for vulnerabilities, and had shared 51,000 indicators of compromise. 

It has also carried out "threat hunting" to look for security risks on connected devices, and worked on the security of the NHS Covid-19 contact-tracing app.

Ransomware Attacks: The NCSC also warned ransomware attacks had become more common.
Ransomware locks people out of their computers and demands victims make a blackmail payment to restore access - and even then it is not always granted. The NCSC said it had handled more than three times as many ransomware incidents as in the previous year. These included an attack against Redcar and Cleveland Council which, the officials said, had "caused considerable damage and disruption". 

The report added the NCSC had observed a growing trend for such attacks to be more targeted and aggressive than previously.

Rather than just locking people out of access to their data until a ransom was paid, attackers often warned they would embarrass victims if they refused to comply.

Jeremy Fleming, the Director General of NCSC's parent, the GCHQ spy agency, said that NCSC' expertise had been “invaluable” in countering high levels of malicious state and criminal activity, and protecting against those who had tried to exploit the pandemic.

NCSC:       GovUK:     CISO Mag:     BBC:      Interpol:

You Might Also Read:

Securing The Remote Workforce Is A Top Priority:

 

« Cyber Warfare Is The New Frontier
Taiwan Company Guilty Of Semiconductor IP Theft »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cura Software Solutions

Cura Software Solutions

Cura Software Solutions (formerly Cura Technologies) is a market-leader in Governance, Risk and Compliance (GRC) enterprise applications.

SentinelOne

SentinelOne

SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity.

IT2Trust

IT2Trust

IT2Trust is one of Scandinavia’s leading value-added distributors of business-critical IT solutions within IT security and networking.

Centre for the Protection of National Infrastructure (CPNI) - UK

Centre for the Protection of National Infrastructure (CPNI) - UK

CPNI works with the National Cyber Security Centre (NCSC), Cabinet Office and lead Government departments and agencies to drive forward the UK's cyber security programme to counter cyber threats.

CyberOwl

CyberOwl

CyberOwl builds on cutting-edge research and combines decades of experience in developing, securing and operating large distributed systems.

PrivateCore

PrivateCore

We protect data-in-use from hackers trying to steal data such as encryption keys, certificates, intellectual property.

Sungard Availability Services (Sungard AS)

Sungard Availability Services (Sungard AS)

Sungard AS partners with customers around the globe to understand their unique business needs and provide production and recovery services tailored to their requirements.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

Practical Assurance

Practical Assurance

Practical Assurance helps companies navigate the rough terrain of information security compliance.

AlJammaz Technologies

AlJammaz Technologies

AlJammaz Technologies is the leading Technology Value-Added Distributor, which distributes advanced technology products, solutions and services in area including networking and cybersecurity.

Diligent

Diligent

Diligent's SaaS GRC platform gives leaders a connected view of governance, risk, compliance and ESG across their organization.

Ironblocks

Ironblocks

Ironblocks is a pioneering cybersecurity firm that specializes in delivering comprehensive, end-to-end security solutions for the rapidly evolving Web3 ecosystem.

ABPGroup

ABPGroup

ABPGroup is Asia’s leading cybersecurity technology provider focusing on providing best-of-breed solutions that address today’s pressing challenges.

CyberUpgrade

CyberUpgrade

CyberUpgrade is on a mission to empower executives to gain control over their organization’s cybersecurity.

Ciena

Ciena

Ciena is a global leader in optical and routing systems, services, and automation software. We build the world’s most adaptive networks to address ever-increasing digital demands.

GoGeekz Inc

GoGeekz Inc

GoGeekz is a leading Managed IT services company in Toronto. We offer services from cyber security to cloud solutions and web development to meet your business needs.