How to protect yourself from cyber attacks that exploit Covid-19
May 14, 2020
The current coronavirus COVID-19 pandemic is changing the business landscape. The most immediate change that has been seen in many countries is the sudden increase in the amount of people working from home. Because of this change, the attack surface has increased significantly, forcing companies to strengthen their cyber security measures to ensure they don’t suffer at the hands of cyber criminals.
However, the increase in the attack surface is not the only cyber threat related to the current global situation.
Malicious campaigns exploiting Covid-19
Our partner researchers constantly search for samples in malicious coronavirus-related campaigns. They have analysed hundreds of malware detections since the lockdown. They’ve broken down several of these campaigns in a study.
Spam using coronavirus as bait
A common tactic amongh cyber attackers is to imitate an official organisation related to public health. In doing so, they hope to increase the likelihood of their victims downloading malicious content or clicking on links. Among the examples of coronavirus-related spam are the following:
A common tactic amongh cyber attackers is to imitate an official organisation related to public health. In doing so, they hope to increase the likelihood of their victims downloading malicious content or clicking on links. Among the examples of coronavirus-related spam are the following:
- “Latest Coronavirus Updates”: This campaign was detected in the UK. The email comes with an attachment in .dat format, supposedly containing the latest news about COVID-19. This file contains a piece of malware.
- “Coronavirus: important information about precautions”: In this case, the campaign targeted users in Italy, a country severely affected by the pandemic. In both the subject and the body of the email is the text “Coronavirus: important information about precautions”. In the body of the email, the sender claims that the attachment is a document prepared by the World Health Organisation (WHO) and strongly recommends that the reader download the compromised Microsoft Word attachment. The malicious file contains a Trojan.
- “Exclusive: Coronavirus Vaccine Detected”: this campaign was spotted in Portugal. It contains a link, supposedly to a page containing more information about the alleged vaccine, but actually contains malware.
Malicious domains related to Coronavirus
Right now, many people are turning to the Internet to try to find answers to the questions they have about the pandemic. Cyber criminals have taken advantage of this situation; our partner researchers detected a notable increase in domain names using the word “corona” combined with words commonly used in Internet searches for the disease, such as “vaccine” or “emergency”. There is a more extensive list in the report, but the following are some noteworthy examples of domain names:
Right now, many people are turning to the Internet to try to find answers to the questions they have about the pandemic. Cyber criminals have taken advantage of this situation; our partner researchers detected a notable increase in domain names using the word “corona” combined with words commonly used in Internet searches for the disease, such as “vaccine” or “emergency”. There is a more extensive list in the report, but the following are some noteworthy examples of domain names:
- acccorona [.] com
- alphacoronavirusvaccine [.] com
- anticoronaproducts [.] com
- beatingcorona [.] com
- beatingcoronavirus [.] com
- byebyecoronavirus [.] com
- cdc-coronavirus [.] com
- contra-coronavirus [.] com
- corona-crisis [.] com
- corona-emergencia [.] com
- coronadetection [.] com
Advanced protection to halt these campaigns
As is the case with any cyber threat, the first line of defense is prevention. To begin with, the most important thing is to educate employees about the risks involved in downloading attachments from unknown senders. It is also important to stress the harm that clicking on links in emails from strangers can do. Another vital measure is good password hygiene: Use complex passwords and change them frequently.
Another essential step in any cyber security plan are advanced solutions. JC Cyber Security Services offer continuous monitoring of all system activity, stopping any unknown process and blocking it until it is analysed and it is determined whether it is legitimate or malicious.
Unfortunately, the cyber attacks and spam campaigns that exploit the current pandemic will most likely continue to try to harm the computer systems of companies and users around the world. Make sure you have the necessary protection with JC Cyber Security.
As is the case with any cyber threat, the first line of defense is prevention. To begin with, the most important thing is to educate employees about the risks involved in downloading attachments from unknown senders. It is also important to stress the harm that clicking on links in emails from strangers can do. Another vital measure is good password hygiene: Use complex passwords and change them frequently.
Another essential step in any cyber security plan are advanced solutions. JC Cyber Security Services offer continuous monitoring of all system activity, stopping any unknown process and blocking it until it is analysed and it is determined whether it is legitimate or malicious.
Unfortunately, the cyber attacks and spam campaigns that exploit the current pandemic will most likely continue to try to harm the computer systems of companies and users around the world. Make sure you have the necessary protection with JC Cyber Security.
Follow Us
Be the first to know
You might also like
DevOps is a popular practice, especially among large organizations. However, while it comes with numerous benefits, it presents numerous risks as well. One notable challenge is the increased velocity of deployment, which often complicates how developers implement and ensure application security throughout the development and deployment process. DevOps is a popular practice, especially among large organizations. However, while it comes with numerous benefits, it presents numerous risks as well. One notable challenge is the increased velocity of deployment, which often complicates how developers implement and ensure application security throughout the development and deployment process. According to a recent survey, almost 80% of CIOs expressed concerns about the difficulty of discerning trusted elements from untrusted ones within DevOps environments. In particular, the pressure to deliver services at a faster pace sometimes prompts DevOps teams to take security shortcuts, resulting in potentially costly repercussions. These include data breaches, application downtime, and compliance violations. So, how can you strike a balance between the demand for agile DevOps practices and the need to maintain robust security measures?
Testing applications for security flaws during production is a vital process of the development lifecycle, and this is where Dynamic Application Security Testing (DAST) comes in. DAST is a security testing approach in application security (AppSec), in which testers assess an application in real-time, while it’s actively running. This process can be conducted even without testers knowing the application’s internal interactions or system-level designs. Applications fuel the engine of the world’s economy, but enterprises can encounter substantial hurdles when striving to retain a competitive advantage in a rapidly changing digital landscape. Businesses must continuously pursue inventive solutions, even as they contend with sophisticated adversaries looking to exploit opportunities to disrupt operations, compromise vital information, and inflict harm. According to recent research, approximately 17% of cyberattacks aim to exploit vulnerable web applications. Yet, 98% of web applications are susceptible to attacks that can lead to malware infection or redirect users to malicious websites. All the while, 72% of these vulnerabilities result from coding errors. Testing applications for security flaws during production is a vital process of the development lifecycle, and this is where Dynamic Application Security Testing (DAST) comes in. DAST is a security testing approach in application security (AppSec), in which testers assess an application in real-time, while it’s actively running. This process can be conducted even without testers knowing the application’s internal interactions or system-level designs. This is because DAST tools operate without access to the application’s source code. Instead, they emulate genuine attacks, akin to those carried out by real hackers, to identify security weaknesses. This “black box” testing method examines the application from an external perspective, scrutinises its runtime behaviour, and observes how it reacts to simulated attacks. These simulations help evaluate whether the application exhibits vulnerabilities and if it is potentially susceptible to malicious attacks.
In this blog post we look back at the origin of the term “hacking”, as well as how activities that might be described as hacking have existed throughout history, even prior to the advent of computer systems – and what if anything these can teach us today. Hacking is attacking and breaking into computer systems illegally… isn’t it? The meaning of the term “hacking” has in fact changed substantially over time, morphing from describing essentially benign (or at worst mildly disruptive) activities into its modern attribution to largely criminal and illegal activities. What’s more, in its original usage, “hacking” doesn’t necessarily even need to involve computer systems at all. In this blog post we look back at the origin of the term “hacking”, as well as how activities that might be described as hacking have existed throughout history, even prior to the advent of computer systems – and what if anything these can teach us today.