COVID-19 Cyberattacks Roundup From the Past Week

  • A group of researchers disclosed that cybercriminals are creating thousands of websites to exploit the COVID-19.
  • Brno University Hospital in the Czech Republic and the US government's Department of Health and Human Services, were targeted last week.

Cybersecurity concerns are running high this week as large organizations, local governments, and hospitals continue to be the prime targets of hacking attempts due to COVID-19.

However, that’s not all. According to a CNBC flash survey, more than one-third (36%) of executives say that cyberthreats have leaped after a majority of their employees work from home at this point of the global public health crisis.

How COVID-19 laid the bed for attackers?
Coronavirus-related scams started around mid-January. 

  • The spread of the virus helped attackers prey on the fear and confusion of the people. 
  • Many sophisticated nation-state hackers used pandemic-related traps to distribute malicious payloads.
  • Further, more and more people now working from home, often with fewer security defenses on their home networks, have given additional attack surfaces for an unauthorized user to attempt data extraction from their computing environment.

What attempts did hackers make?
Below are some of the ways in which hackers were observed trying to cash in on the COVID-19 outbreak conditions in the last week. 

  • Security experts exposed an ongoing phishing campaign actively spreading malware payloads through emails impersonating the Director-General of the World Health Organization (WHO).
  • Researchers discovered a phishing campaign that impersonates the World Health Organization (WHO) and promises to provide the latest guidance on COVID-19 via a fake e-book titled “My Health E-book.”
  • A group of researchers also disclosed that cybercriminals are creating thousands of websites to exploit the COVID-19 pandemic fears as a bait to spread malware through fake product offers.
  • Cybercriminals targeted the Worldometers website that tracks updates on the COVID-19 pandemic. The site showed incorrect data about the current situation due to the attack.

Serious COVID-19 attacks

  • Cyberattackers targeted Brno University Hospital in the Czech Republic—a major Covid-19 testing hub—and disrupted its operations by halting systems.
  • Hackers also hacked the US government's Department of Health and Human Services (HHS) and promptly circulated a false claim that the American government planned to introduce a nationwide lockdown.

Hackers’ false promises
Some ransomware operators had stated that they will not attack healthcare facilities during the Coronavirus (COVID-19) pandemic. However, Maze ransomware actors, who said, “we also stop all activity versus all kinds of medical organizations until the stabilization of the situation with virus," did not seem to follow their own pledge.

On Sunday, a news broke out saying Maze actors published the personal details of thousands of former patients of the London-based Hammersmith Medicines Research (HMR) after the company declined to pay a ransom. The medical firm has been working on a treatment for COVID-19.

Restoration of hope
The ransomware remediation firm Coveware and the malware defense firm Emsisoft announced to offer free ransomware response services to healthcare facilities facing encryption threats during the pandemic.

The firms revealed that their offer would include: technical analysis of the ransomware; development of a decryption tool whenever possible; ransom negotiation help and transaction handling, if needed; and more.

Bottom line
Across the world, major steps are being taken to control the spread of the pandemic. Meanwhile, rapid changes in daily life—because of the COVID-19—have also affected the way people interact with internet-connected technologies. Employees should follow these tips and tricks to stay safe while working from home. And we must all be vigilant of bad actors trying to use this situation to their own advantage.