The rapid worldwide spread of the Coronavirus, renamed COVID-19, has unfortunately also spurred new cyber threats from threat actors utilizing the panic for personal gain. Such cyberattacks are especially concerning as companies ask employees to work remotely. Given that people have a heightened interest in news regarding COVID-19, the door is open wide for social engineering, exploitation, and malicious activities.
What types of COVID-19 related cyber threats are there?
Using worldwide COVID-19 panic, cyber threat actors have begun utilizing new methods to spread malware and scams to prey on a distracted public. Such methods include Coronavirus-themed phishing emails, booby-trapped URLs, and credential stuffing scams. In one example, hackers use a PDF of Coronavirus-related safety measures to spread Remcos RAT and malware payloads. In another, threat actors send official-looking Microsoft documents with macros that drop a backdoor onto a victim’s computer. And yet another phishing campaign allegedly from the Centers for Disease Control tempts recipients to click on a malicious URL. There has also been confirmation that the virus is being used to distribute the Emotet Trojan. Related: Portland Mental Health & Wellness Proactively Uses Paubox During COVID-19 Pandemic Recent reports further show a spike in new, Coronavirus-related domain names; most are used in phishing schemes while the rest try to sell cures or preventative products. There is no doubt that these malicious campaigns will continue and grow.
What do we need to look out for?Threat actors thrive in panic-filled situations, using hysteria to catch people off guard. Companies must ensure that their employees remain safe and undistracted; as more and more people work from home, more and more data and lives become vulnerable, especially as endpoints become more remote. If looking into telecommuting, Paubox recommends:
- Give employees access to company equipment, cybersecurity, and IT personnel
- If in a regulated industry like healthcare, utilize strong email security such as HIPAA compliant email
- Test remote access capabilities and increase capacity if needed
- Confirm that IT personnel can handle the increased load
- Encrypt and secure equipment, connections, network
- Guarantee that employees understand all cybersecurity risks
Training, even remotely, is even more important and must include information on spotting a phishing email, website, or even text—no blind clicking without due diligence. Keeping people cyber safe during times of crises is important for long-term security.