Cybercriminals have been exploiting the panic over the spread of COVID-19 pandemic since February. The first case of the new disease was reported in December 2019. People are hungry for information in this new and highly contagious disease that has affected millions around the world making them easy preys.
Lockdowns to help stop the spread of the virus forced people to a less secure work-from-home setup. Communications and exchange of corporate files are done through the cloud which is one of the most vulnerable avenues in data protection.
While the world deals with the pandemic, cybercriminals have been busy with their advanced persistent attacks (APTs) and employing sophisticated techniques that could easily infiltrate networks and unleash malware in multiple individual computer systems.
According to Vitaly Kamluk, director for Global Research and Analysis Team (GReAT) Asia Pacific, at Kaspersky, the age-old — and tried and tested — strategy of social engineering has become easier than just months ago. People are curious and would devour any new information concerning the disease, which makes them fall for “simple” tricks by hackers.
Malicious software is disguised as files or links that allegedly contain information on the virus. Other hackers are able to perform DDoS attacks.
Kaspersky saw four malware campaigns wherein cybercriminals were distributing infected URLs that look like the World Health Organization’s website as well as malicious files.
However, email scams still persist, Kamluk said. Cybercriminals disguise these electronic messages as bulletins from government agencies, home-test kits offering, donation driver, and the like.
Amid all the chaos not only in real life but also in the cyberworld, Kamluk shared how security experts have come together to protect organizations and individuals from these threats.
He shared about the COVID-19 CTI League which is a non-profit, voluntary focus group made up of more than 150 different individuals and organizations across the globe which try to take down fake websites, detect coronavirus-related malware, as well as offer incident response in case of an attack. Kaspersky is part of this group, alongside other researchers and individuals from the government, academia, and private organizations.
The challenge in terms of responding in case of an attack can also be assisted by Bitscout. It is an open-source and free tool developed by Kamluk himself for all people interested in digital forensics and cyber investigations. It aims to help organizations especially law enforcement agencies to conduct incident response and analysis without traveling.
For those interested, there will be free online training about this tool on April 28, 2020. Find out more about Bitscout here.