Criminals Have Ramped Up Covid-19 Related Attacks

Uploaded on 2020-11-09 in TECHNOLOGY--Hackers, FREE TO VIEW

A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK are reporting. Over 25% of the cyber attacks that the UK's National Cyber Security Centre (NCSC) responded to were Covid-related, it says in its most recent annual report.  

The Report covers the period from September 2019 to August 2020, so the pandemic occupied an even higher proportion of the agency's efforts after the first lockdown began. In total there were 723 incidents of all kinds, marking close to a 10% rise on the previous period. Of those, 194 were Covid-related.

Some of the incidents related to countering nation-state attacks, but most were criminal in nature. The NCSC says that it countered 15,354 campaigns that had used coronavirus themes as a "lure" to fool people into clicking on a link or opening an attachment containing malicious software. Some involved fake shops selling PPE (personal protective equipment), test kits and even vaccines.

Vaccine Hackers: Protecting the NHS and health-related research has been a priority, the report said. In July, the UK accused Russia of trying to steal vaccine-related information through cyber-espionage. And officials said they had continued to see an "ongoing threat" of states targeting the vaccine research-and-delivery programme. The NCSC said it had scanned more than one million NHS IP (internet protocol) addresses to look for vulnerabilities, and had shared 51,000 indicators of compromise. 

It has also carried out "threat hunting" to look for security risks on connected devices, and worked on the security of the NHS Covid-19 contact-tracing app.

Ransomware Attacks: The NCSC also warned ransomware attacks had become more common.
Ransomware locks people out of their computers and demands victims make a blackmail payment to restore access - and even then it is not always granted. The NCSC said it had handled more than three times as many ransomware incidents as in the previous year. These included an attack against Redcar and Cleveland Council which, the officials said, had "caused considerable damage and disruption". 

The report added the NCSC had observed a growing trend for such attacks to be more targeted and aggressive than previously.

Rather than just locking people out of access to their data until a ransom was paid, attackers often warned they would embarrass victims if they refused to comply.

Jeremy Fleming, the Director General of NCSC's parent, the GCHQ spy agency, said that NCSC' expertise had been “invaluable” in countering high levels of malicious state and criminal activity, and protecting against those who had tried to exploit the pandemic.

NCSC:       GovUK:     CISO Mag:     BBC:      Interpol:

You Might Also Read:

Securing The Remote Workforce Is A Top Priority:

 

« Cyber Warfare Is The New Frontier
Taiwan Company Guilty Of Semiconductor IP Theft »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Security Current

Security Current

Security Current's proprietary content and events provide insight, actionable advice and analysis giving executives the latest information to make knowledgeable decisions.

DKCERT

DKCERT

DKCERT (Danish Computer Security Incident Response Team) handles security incidents on forskningsnettet, the National Research and Education Network (NREN) in Denmark.

Materna Radar Cyber Security

Materna Radar Cyber Security

Radar Cyber Security is the only European supplier of Managed Detection & Response who provides its services based on inhouse developed technology.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

42Gears

42Gears

42Gears is a leading Unified Endpoint Management provider. Secure, monitor and manage tablets, phones, desktops and wearables.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

Dale Peterson

Dale Peterson

Dale Peterson, a leading ICS security and control system IT information expert, provides consulting services to assess and improve the security of SCADA and DCS.

Elevate Security

Elevate Security

Elevate is the leading Security Behavior Platform, changing employee security habits while giving security teams unprecedented visibility.

Cyber Defense Technologies (CDT)

Cyber Defense Technologies (CDT)

Cyber Defense Technologies provides services and turn-key solutions to secure and maintain the integrity of your organization’s systems and data against attacks.

Sentra

Sentra

Sentra is focused on improving data security practices within the cloud, mitigating the risks of damaging data leaks by providing comprehensive visibility into critical data assets.

Vertek

Vertek

Vertek is a leading provider of operations consulting, end-to-end business process outsourcing, business intelligence, software applications and managed cybersecurity solutions.

Acclaim Technical Services (ATS)

Acclaim Technical Services (ATS)

ATS provide operational products, services and solutions to the defense and intelligence communities for all types of critical mission needs.

Metrics that Matter (MTM)

Metrics that Matter (MTM)

Metrics that Matter redefines how organizations approach cybersecurity by offering unprecedented insight into the value of their assets to criminals and tailored action plans to protect.

Adsigo

Adsigo

Adsigo AG is your reliable and professional partner for all topics concerning PCI certification, compliance and information security.

Crisis24

Crisis24

Crisis24 is a leading integrated risk management, crisis response, consulting, and global protective solutions firm.

Synergetika

Synergetika

Synergetika is a leading pure-play Privileged Access Management (PAM) consultancy and systems integrator.