Cyber criminals exploit coronavirus panic

Johannesburg, 23 Mar 2020
Read time 4min 50sec

Cyber hackers are preying on the public’s fear of COVID-19 to spread their own harmful viruses.

According to multiple cyber security experts, the spike in phishing techniques fraudulently claiming to come from an official source is the worst in years. Healthcare workers or administrative staff desperately seeking answers to important questions are easy targets for hoax e-mails that appear to come from a trusted government body such as the Department of Health.

These e-mails claim to share helpful information about the coronavirus and urge recipients to open an attachment which then downloads malware, infecting computers and gathering personal information.

Examples of scams identified so far

  1. A claim that the UK and Chinese governments have been covering up details about a new vaccine. Clicking on the attached document leads to a spoof Web page designed to collect login details.
  2. Notification of a tax refund due under a new UK government scheme, aimed at inducing recipients to input financial and tax information
  3. Fabricated World Health Organization recommendations, claiming that the virus is now airborne and that new cases have been confirmed in the victim’s vicinity. Attached to the message is a file named “SAFETY PRECAUTIONS”, which looks like an Excel document, but is in fact an executable file (.exe) that will infect computers with malware and track all Internet use.
  4. A warning from the Centres for Disease Control and Prevention about increased risk of community transmission that instead facilitates attempts to access your e-mail account or obtain donations in bitcoin to help develop a vaccine.
  5. Brno University Hospital, one of the Czech Republic’s largest COVID-19 testing labs, was forced to cancel urgent surgery and divert patients after suffering a ransomware attack.

Pandemic panic is catching people off-guard

Jake Moore, Cyber security specialist at anti-virus company ESET, insists the rising fear around the pandemic is playing into the hands of criminals because normally scrupulous individuals are letting their guard down.

He said: “People are falling for these scams in the notion of panic mode. They have limited time to research the background and validation of sites.

“My advice would always be to try and validate any information before acting and never click on links in unsolicited e-mails, and never hand over passwords on sites that are not 100% trusted.”

More than 4 000 coronavirus-related domains have been registered since January and at least 300 are deemed ‘malicious’, according to research firm Check Point.

They found that domains about the virus are 50% more likely to be owned by cyber criminals than other domains registered during the same time period.

Omer Dembinksy, security researcher at Check Point, said fraudulent sites are offering information or test kits in order to gather people’s information or receive payment.

The criminals are getting smarter as well; a study by security company ImmuniWeb found that they were providing real, live information on the pandemic in a bid to spread malware that infects people’s computers.

How to combat coronavirus cyber criminals

  • Avoid opening attachments and clicking on links within e-mails from senders you do not recognise.
  • Be especially wary of e-mails or phone calls requesting account information or requesting you to verify your account.
  • Always independently verify any requested information to confirm it originates from a legitimate source.
  • Visit Web sites by inputting the domain name yourself.
  • Use the strongest encryption.
  • Certificate ‘errors’ can be a warning sign that something is not right with the Web site.

The National Cyber Security Centre provides cyber security guidance and support.

Prepare for tomorrow’s threats today

No one could have predicted the coronavirus outbreak, nor its cyber security ramifications. But this only means it is more important than ever that organisations and individuals do all they can to prepare for new and evolving threats.

Far too often, healthcare companies wait to suffer a breach or a cyber event before springing into action. By then it’s too late to do any more than clean up the mess.

Smart businesses are already taking steps to ensure they are being proactive. Some are accelerating plans to improve the way they protect data – while others are reconsidering long-standing policies, no longer seen as adequate.

It’s critical that your backups are not permanently on the same network as your live data. If you use the cloud, ensure your chosen service encrypts data before it leaves your devices – and that it remains encrypted at all times, in transit and in storage.

Ideally, you need a solution that automates the process of securely sending data offsite, keeping your backups isolated from your live environment so they can’t be targeted by hackers or malware authors.

A solution like the one offered by Redstor guarantees recovery from a ransomware attack by giving you instant access to protected data.

The health and well-being of employees will always remain of paramount importance, but not having access to data, even for a few hours, is of huge concern too as it can cause irreparable damage in the form of lost business, catastrophic fines and reputational damage.

To find out whether your organisation is at risk, read our five-point DR guide to keeping your business in a healthy condition in the wake of a coronavirus outbreak.

Editorial contacts
Redstor Celeste Beetge