Cyber Attacks Up 500% In A Month

Uploaded on 2020-04-13 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW

Most of the world is trying to deal with the COVID-19 pandemic but  hackers are not under a lockdown. Cyber threats to the healthcare sector have surged as hackers look to take advantage of the panic and chaos caused by the coronavirus crisis. 

Phishing and hacking attacks and threats have increased by 5/6 times their usual numbers in the past month. The hackers are using the virus to exploit users working remotely from home to make their cyber attacks effective.

From a criminal perspective, phishing is the cheapest and easiest way to infiltrate organisations and personal information to make a profit.  Phishing is an even greater threat for mobile users as it is much easier for a user to make the simple mistake of clicking a bad link and falling victim to a phishing attempt. 

The outbreak of the COVID-19 has been exploited by cyber criminals for their latest phishing campaigns. 

A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK and USA have revealed. On the 8th April the UK’s National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) shows that cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organisations with a range of ransomware and malware.

Examples of scams include emails containing malware which appear to have come from the Director-General of the World Health Organisation (WHO), and others which claim to offer thermometers and face masks to fight the pandemic.

Elsewhere the agencies have detected cyber criminals scanning for vulnerabilities in software and remote working tools as more people work from home during the pandemic. Attackers have also implemented a phishing campaign directed toward key executives and financial employees at certain organisations with the goal of stealing their account credentials.

With the latest coronavirus-themed campaigns, cyber criminals have been using various strategies, such as leveraging email, PDF attachments, and SaaS services. 

The US Department of Health and Human Services (HHS) and the World Health Organisation (WHO) have been targeted by hackers in unsuccessful but ongoing attacks. Hackers have started to capitalise on this situation by sending out emails that purport to offer health advice from reputable organisations such as governments and the WHO but that are really phishing attacks.

Around the world thousands of network engineers, technicians, and system administrators are working tirelessly to keep this system functioning for the rest of us. They’re grappling with greater network demands, a rapid acceleration in remote work, and a growing risk of cyber threats. 

Online threats have risen by as much as six-times their usual levels over the past four weeks as the COVID-19 pandemic provides new ballast for cyber-attacks, according to Cloudflare. The web security and content delivery vendor analyzed UK traffic figures for the past four weeks compared to the previous month and noted a sharp increase in malicious activity.

It revealed that hacking and phishing attempts were up 37% month-on-month, while on some days, the firm was blocking between four- and six-times the number of attacks it would usually see. The firm said the increase was the result of “recreational” hackers with more time on their hands.

Professional cyber-criminals are also using the global incident to further their own agendas. Phishing attempts have soared by over 600% since the end of February, including traditional impersonation scams but also business email compromise (BEC) and extortion attacks, according to Barracuda Networks.

In Hong Kong, likely state-sponsored attackers are using the virus as a lure to trick users into clicking on news links booby-trapped with iOS spyware.

Domain registrars are ramping up efforts to halt automatic registration of any website names that are linked to COVID-19, for fear they may be phishing sites or those selling counterfeit goods like surgical masks and pharmaceuticals and Interpol recently said that it had already managed to seize $14m worth of such fake goods. Even the British NCSC has stepped in to remove malicious and phishing sites. Aside from the rise in threat levels,

Cloudflare also noted an overall increase in internet use of 17%, as the majority of the country is urged to stay indoors and work from home.Online visits to tutoring sites grew most during the past four weeks, up 400%, while website numbers in categories such as politics (320%), TV (210%) and gardening (200%) also spiked. The pandemic is also worsening the situation because more and more people are staying at home and using the internet to work and socialise. This means they may be using their personal computers more and working outside the normal security protections provided by their employers’ internal computer systems. 

They are also working in stressful conditions that could leave them more likely to forget routine security procedures and fall victim to a phishing attack.

Remote usres are advised to always check for obvious signs of fake or unofficial emails such as poor spelling, grammar and punctuation, as most of these emails are generated from outside the country they are sent to.Also, be wary if the email tries to create a sense of urgency, that you must click its link now.

Remote users should also bear in mind that cyber criminals use every opportunity available to exploit weaknesses in cyber security and a frantic search for health advice is such an opportunity.  Always make sure that you look for information about COVID-19 only from trusted sources. 

NCSC:         Cloudflare:      TechXplore:     Menlo Security:     I-HLS

The Hill:      Infosecurity Magazine:      The Conversation:    

You Might Also Read: 

An 'Infodemic' Of Phishing & Malware:



 

« Half Of UK Business Has A Critical Cyber Skills Gap
Spear Phishing Threats & Trends »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clearpath Solutions Group

Clearpath Solutions Group

Clearpath Solutions Group expertise covers virtualization and data storage technologies, networking, security and cloud computing.

TBG Security

TBG Security

TBG provides a portfolio of services including cyber security, compliance and continuity solutions.

Kenna Security

Kenna Security

Kenna Security is a risk intelligence & vulnerability management platform that helps prioritize and remediate vulnerabilities.

Competence Center for Applied Security Technology (CAST)

Competence Center for Applied Security Technology (CAST)

CAST offers a range of services in the field of secure modern information technology and a contact point for all questions regarding IT security.

PerimeterX

PerimeterX

PerimeterX is the leading provider of solutions that secure digital businesses against automated fraud and client-side attacks.

SCADASUDO

SCADASUDO

SCADASUDO is a cyber solution architecture and design office, established by leading experts in the field of OT (Industrial control) and IT (information Technology).

Brimondo

Brimondo

At Brimondo we help you to maximize and protect your brand value by being a proactive and strategic partner within brand protection with experts within intellectual property and digital assets.

Kiuwan

Kiuwan

Kiuwan provide software security solutions with SAST and SCA source-code analysis that fit into your DevOps process.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

Citalid

Citalid

The Citalid cyber risk management platform combines threat and business intelligence to identify the risks scenarios you face.

New Net Technologies (NNT)

New Net Technologies (NNT)

NNT SecureOps provides ultimate protection against all forms of cyberattack and data breaches by automating the essential security controls.

Arcturus Security

Arcturus Security

Arcturus is a CREST-approved cyber security consultancy created by experts in the field.

Wazuh

Wazuh

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Nudge Security

Nudge Security

Nudge Security offer the world's first-ever SaaS security solution to discover shadow IT and curb SaaS sprawl across any device or location and nudges employees towards optimal security behavior.

Catalogic Software

Catalogic Software

Catalogic helps clients backup, recover, manage, and protect their data across their enterprise and cloud environments with Smart Data Protection solutions.

SeeMetrics

SeeMetrics

SeeMetrics is an automated cybersecurity performance management platform that integrates security data and business objectives into a simple interface.