For the latest information and resources on Coronavirus, please visit the RCM&D COVID-19 Resource Center at https://info.rcmd.com/covid19.
As the COVID-19 global health crisis continues to wreak havoc on all aspects of life, the world is more reliant than ever on the use of technology. As tech continues to keep our world connected, even in quarantine, there are some new cyber threats to be aware of, specifically hackers.
Hackers aren’t just multiple platforms, including Zoom to wreak havoc. A host of cyber threats have emerged in the wake of COVID-19. Mass phishing schemes and malware attacks with hackers designing messages to appear they are coming from legitimate health officials and organizations are becoming commonplace.
Using real information on COVID-19, hackers have created sophisticated schemes to hijack devices and steal information. One scheme described by FTI Consulting involves Russian hackers selling a “Coronavirus Infection Kit.” This “infection kit” utilizes the Johns Hopkins interactive COVID-19 map to infect users with malware via a java based deployment scheme. The Hopkins interactive map is also used in a malicious app called “corona live 1.1,” which has the ability to track location, access a victim’s photos and text messages, and record audio. The use of legitimate coronavirus resources makes it increasingly difficult to decipher between real, helpful information and malware.
Malware isn’t the only threat on the rise, ransomware attacks have also seen a spike. A new strain of ransomware, named “CoronaVirus,” has been infecting victims through a fake website. This fake site is designed to mimic legitimate performance optimization services that companies like WiseCleaner offer. Once the “CoronaVirus” is installed, the virus steals login credentials and cookie data as well as access to cryptocurrency wallets. Once this information is stolen, a second file is download which encrypts the machine’s files.
As the COVID-19 situation continues to change, cyber criminals will continue to play on fear and anxiety in hopes of an easier attack. FTI recommends organizations and individuals take these precautions in order to avoid a full-fledged attack on a vulnerable workforce.
- Use virtual private networks (VPN) and ensure the latest security patches are installed.
- Provide IT security personnel with the resources they need to handle an increase in employees working remotely.
- Implement multi-factor authentication on all devices, including VPN connections, for an additional layer of security.
- Notify employees that phishing and malware attacks are increasing and what to look for (i.e. strange hyperlinks, misspelled words, unsolicited requests for personal information)
- Only download files from trusted sources.
This “new normal” creates unique challenges at every angle, especially from a cybersecurity perspective. Talk to your trusted RCM&D advisor today if you have any questions regarding staying safe in today’s virtual world.