As governments, health departments, testing labs, hospitals, and the entire medical community is trying to get a hold of the vicious COVID-19 virus, also known as the novel coronavirus, cybercriminals are not sleeping on the opportunity to exploit vulnerabilities. Now that everyone is focusing in on border control, flight cancellations, or providing the public with the most accurate information as soon as possible, cyber attackers are hoping that cybersecurity has been put on the back burner. Unfortunately, they have been successfully hitting those who are already down. The Brno University Hospital in Czech Republic was forced to shut down its IT network once a cyberattack was spotted. This led to surgical delays and patient rerouting to nearby hospitals. Besides putting patients at risk, the cybercriminals behind the attack also made it harder to test COVID-19 patients as the hospital acted as a testing center.
The attack on the US Department of Health was aggressive
Cybercriminals attempted to attack the US Department of Health and Human Services this Sunday and Monday. Fortunately, the attack was not successful. Alex M. Azar II, the Secretary of Health and Human Services, told the press during a conference that the barriers set up prior to the attack held off and that the networks were not accessed by the attackers. Unfortunately, it is unknow who might have performed the attack, although some speculate that cybercriminals from a foreign country are to blame. As New York Times reported, non-state Chinese and Easter European hackers have been particularly active these days, but there is no proof that they could stand behind the attack on the US Department of Health and Human Services. The attack, however, has been defined as aggressive, and the attackers were trying to scan all networks related to the department to check for vulnerabilities that, most likely, could be exploited for unauthorized access. As ironic as it sounds, it is lucky that government agencies are bombarded with cyberattacks on a daily basis, because that means that they are prepared for attacks like this one.
Coronavirus-related scams and fraud are spreading like wildfire
Unfortunately, as the coronavirus threat is growing throughout the world, malware researchers are seeing more and more instances where cyberattacks are exploiting the already dramatic situation. Numerous websites have been set up by cybercriminals to impersonate the CDC (Centers for Disease Control and Prevention), WHO (World Health Organization), ECDC (European Centre for Disease Prevention and Control), and other institutions that the public trusts for reliable information. Cybersecurity researchers are also reporting that the number of coronavirus-related phishing scams has grown exponentially. People can be exposed to scams via phone (text or calls), emails, social networking platforms, etc. For example, text messages claiming that Apple is giving away iPhones for those in need include links to malicious websites. Schemers calling on the phone are impersonating healthcare institutions to obtain personal information. They are also impersonating WHO, CDC, ECDC, and other similar institutions to send emails that contain malicious links and attachments.
Fake coronavirus-tracking apps and maps conceal malware
The World Health Organization declared COVID-19 a pandemic and countries around the world are declaring state of emergency. Flights are being cancelled, borders are being closed, and people are getting increasingly more worried. Naturally, the public wants to understand the situation, and they usually turn to the Internet. Unfortunately, cybercriminals were quick to exploit the situation, and we are now seeing a tsunami of malware directly associated with the real-life infection. For example, a fake coronavirus-tracking app for Android named COVID19 Tracker was created to conceal the malicious CovidLock Ransomware launcher that, after execution, immediately encrypts personal files on the phone and demands a ransom of $100. Researchers have also found that cybercriminals are distributing Corona-virus-Map.com.exe, a file that should open a virus-tracking map, but in reality, executes a dangerous infection known as AZORult password stealer. Needless to say, it gathers sensitive data. At this point, Microsoft has presented its own tracking map via Bing (bing.com/covid), and other legitimate trackers are likely to be released, but people need to be cautious.
COVID-19 is unlikely to go anywhere soon, and people need to prepare
Now that governments around the world are implementing quarantines and social-distancing practices, more and more people stay at home. Working from home poses plenty of cybersecurity challenges, and so it is important that both employers and employees educate themselves on safety measures that have to be taken. It is also important to understand that the volume of scams and fraud linked to the coronavirus is bound to grow, which, besides putting people at risk, might also make it harder to obtain accurate information. If you need information about the virus, you should rely on your government’s health department, the World Health Organization, and trustworthy news channels. However, remember that cybercriminals can set up fake websites, which is why you need to be cautious. Most important, do not panic, stay at home if possible, and practice commonsense.
Do not let anyone dupe you into purchasing any miracle drugs, coronavirus tests, or survival kits that are completely bogus and are only used to trick you out of your money. It is also not a good idea to waste money on masks, respirators, and sanitizers that are being sold on the dark web because they might not meet the standards of the health department or be FDA approved. When shopping for food and general supplies, do not go overboard, and spend money on what you need. Report anyone who is trying to resell products at exaggerated prices, and think about donating the items that you yourself do not need. Like the two Tennessee brothers who donated 17,700 bottles of hand sanitizer after being accused of price-gauging. Overall, stay cautious both in real life and online.
References
Associated Press. March 16, 2020. Tennessee Brothers Donate 17,700 Bottles of Hand Sanitizer After Amazon Blocked Them, Citing Price-Gouging. Time.
Cimpanu, C. March 13, 2020. Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak. ZDNet.
Perez, M. March 16, 2020. Coronavirus Scams: Watch Out For These Efforts To Exploit The Pandemic. Forbes.
Perlroth, N., Rosenberg, M., Sanger, D.E. March 16, 2020. Hackers Attack Health and Human Services Computer System. New York Times.
Villas-Boas, A. March 16, 2020. A fake coronavirus tracking app is actually ransomware that threatens to leak social media accounts and delete a phone's storage unless a victim pays $100 in bitcoin. Business Insider.