Cyber Attacks Up 500% In A Month

Most of the world is trying to deal with the COVID-19 pandemic but  hackers are not under a lockdown. Cyber threats to the healthcare sector have surged as hackers look to take advantage of the panic and chaos caused by the coronavirus crisis. 

Phishing and hacking attacks and threats have increased by 5/6 times their usual numbers in the past month. The hackers are using the virus to exploit users working remotely from home to make their cyber attacks effective.

From a criminal perspective, phishing is the cheapest and easiest way to infiltrate organisations and personal information to make a profit.  Phishing is an even greater threat for mobile users as it is much easier for a user to make the simple mistake of clicking a bad link and falling victim to a phishing attempt. 

The outbreak of the COVID-19 has been exploited by cyber criminals for their latest phishing campaigns. 

A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK and USA have revealed. On the 8th April the UK’s National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) shows that cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organisations with a range of ransomware and malware.

Examples of scams include emails containing malware which appear to have come from the Director-General of the World Health Organisation (WHO), and others which claim to offer thermometers and face masks to fight the pandemic.

Elsewhere the agencies have detected cyber criminals scanning for vulnerabilities in software and remote working tools as more people work from home during the pandemic. Attackers have also implemented a phishing campaign directed toward key executives and financial employees at certain organisations with the goal of stealing their account credentials.

With the latest coronavirus-themed campaigns, cyber criminals have been using various strategies, such as leveraging email, PDF attachments, and SaaS services. 

The US Department of Health and Human Services (HHS) and the World Health Organisation (WHO) have been targeted by hackers in unsuccessful but ongoing attacks. Hackers have started to capitalise on this situation by sending out emails that purport to offer health advice from reputable organisations such as governments and the WHO but that are really phishing attacks.

Around the world thousands of network engineers, technicians, and system administrators are working tirelessly to keep this system functioning for the rest of us. They’re grappling with greater network demands, a rapid acceleration in remote work, and a growing risk of cyber threats. 

Online threats have risen by as much as six-times their usual levels over the past four weeks as the COVID-19 pandemic provides new ballast for cyber-attacks, according to Cloudflare. The web security and content delivery vendor analyzed UK traffic figures for the past four weeks compared to the previous month and noted a sharp increase in malicious activity.

It revealed that hacking and phishing attempts were up 37% month-on-month, while on some days, the firm was blocking between four- and six-times the number of attacks it would usually see. The firm said the increase was the result of “recreational” hackers with more time on their hands.

Professional cyber-criminals are also using the global incident to further their own agendas. Phishing attempts have soared by over 600% since the end of February, including traditional impersonation scams but also business email compromise (BEC) and extortion attacks, according to Barracuda Networks.

In Hong Kong, likely state-sponsored attackers are using the virus as a lure to trick users into clicking on news links booby-trapped with iOS spyware.

Domain registrars are ramping up efforts to halt automatic registration of any website names that are linked to COVID-19, for fear they may be phishing sites or those selling counterfeit goods like surgical masks and pharmaceuticals and Interpol recently said that it had already managed to seize $14m worth of such fake goods. Even the British NCSC has stepped in to remove malicious and phishing sites. Aside from the rise in threat levels,

Cloudflare also noted an overall increase in internet use of 17%, as the majority of the country is urged to stay indoors and work from home.Online visits to tutoring sites grew most during the past four weeks, up 400%, while website numbers in categories such as politics (320%), TV (210%) and gardening (200%) also spiked. The pandemic is also worsening the situation because more and more people are staying at home and using the internet to work and socialise. This means they may be using their personal computers more and working outside the normal security protections provided by their employers’ internal computer systems. 

They are also working in stressful conditions that could leave them more likely to forget routine security procedures and fall victim to a phishing attack.

Remote usres are advised to always check for obvious signs of fake or unofficial emails such as poor spelling, grammar and punctuation, as most of these emails are generated from outside the country they are sent to.Also, be wary if the email tries to create a sense of urgency, that you must click its link now.

Remote users should also bear in mind that cyber criminals use every opportunity available to exploit weaknesses in cyber security and a frantic search for health advice is such an opportunity.  Always make sure that you look for information about COVID-19 only from trusted sources. 

NCSC:         Cloudflare:      TechXplore:     Menlo Security:     I-HLS

The Hill:      Infosecurity Magazine:      The Conversation:    

You Might Also Read: 

An 'Infodemic' Of Phishing & Malware:



 

« Half Of UK Business Has A Critical Cyber Skills Gap
Spear Phishing Threats & Trends »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Secure Forum

Cyber Secure Forum

The Cyber Secure Forum is a premier cybersecurity event dedicated to bringing together experts, and professionals to explore the latest trends, share knowledge, and discuss strategies.

Hyve

Hyve

Hyve provide a wide range of managed web hosting services including private, hybrid and public VMware cloud hosting.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

Auxilium Cyber Security

Auxilium Cyber Security

Auxilium Cyber Security is independent information security consultancy company providing cyber security services tailored to meet the evolving needs of organizations worldwide.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

Cylus

Cylus

Cylus, a global leader in rail cybersecurity, helps rail and metro companies avoid safety incidents and service disruptions caused by cyber-attacks.

EUROCONTROL

EUROCONTROL

EUROCONTROL is a pan-European, civil-military organisation dedicated to supporting European aviation. We help our stakeholders protect themselves against cyber threats.

EuraTechnologies

EuraTechnologies

EuraTechnologies, the French incubator and accelerator, is a centre of excellence and innovation for startups and entrepreneurs with a focus on Digital, Data, Cybersecurity and IoT.

Diateam

Diateam

Diateam is an R&D company specializing in computer security. Diateam develops highly innovative cyber range platforms and Industry-leading systems for cybersecurity training and testing labs.

ScorpionShield

ScorpionShield

ScorpionShield CyberSecurity is an EC-Council Accredited Training Center, and an On-Demand Service for Cybersecurity professionals.

DATS Project

DATS Project

DATS Project enables the utilization of high computing power across a number of cybersecurity services, all on a pay-as-you-go basis, eliminating the need for upfront investment costs.

OpenZiti

OpenZiti

OpenZiti is the world’s most used and widely integrated open source secure networking platform. OpenZiti provides both zero trust security and overlay networking as pure open source software.

Blind Insight

Blind Insight

Field-level searchable encryption plus fine-grained programmable access controls. All wrapped neatly in developer-friendly APIs and SDKs. Data protection perfection.

Corporater

Corporater

Corporater provides organizations with integrated solutions for managing governance, performance, risk, and compliance built on a single platform.

Operant AI

Operant AI

Operant AI is the only Runtime AI Application Defense Platform that actively protects every layer of live cloud and AI applications from infra to APIs.