Beware cyberattacks disguised as Covid-19 handouts

Dubai - Cybercriminals are leveraging a range of topics including the fear that a person has encountered an infected individual, government vaccine approvals, as well as sign up forms to receive the vaccine

There has been a steady increase in the number of malicious actors trying to get sensitive information from unsuspecting users by disguising malware as information about Covid-19.

Experts highlighted that cybercriminals are always adapting to the changing security landscape and keeping up with the latest developments that interest users. Right now, this involves everything about the Covid-19 pandemic.

Security company, Proofpoint, has observed the use of Covid-19 in broad-scale social engineering attacks leading to malware, credential phishing, and Business E-mail Compromise (BEC) since the beginning of the pandemic. Covid-19 themes are consistent with current events, and while, initially, the lures were around the virus’ existence, they have now turned to lures revolving around topics such as medical supply shortages.

Proofpoint researchers observed an increase in attacks that leverage the Covid-19 vaccine news, such as approvals of the vaccine by world governments, logistics of vaccine deployment, and distribution of the vaccine to frontline responders and other individuals.

“Although we did not see an increase in the volume of attacks, many threat actors used Covid-19 as an opportunity to employ familiar tactics such as phishing,” said Maureen Perrelli, chief channel officer at Secureworks.

Healthcare, pharmaceutical, and government organisations were targeted by both nation-states and financially-motivated cybercriminals, she added. “These threat actors recognised the large sums of money funding pandemic-related work and targeted the underlying data for financial gain. I believe technology partners are in an ideal position to help organisations mitigate the risk posed by threat actors during this pandemic and beyond.”

Currently, there is an extensive Covid-19 vaccination campaign in the UAE, as the country already administered over 2.06 million vaccine doses, ranking first in the world in the distribution of daily doses and fifth worldwide when it comes to the availability of vaccine.

Given the hype around the Covid-19 vaccines topic, there is also an expected rise of email-borne attacks spreading malware, phishing, and BEC. These exemplify abuse of popular brands such as WHO, DHL, and vaccine manufacturers delivered to users in organisations. The lure themes leveraged a range of topics, including fear that a person had encountered an infected individual; government vaccine approvals and economic recovery fueled by the vaccine; as well as sign up forms to receive the vaccine, information updates, and vaccine shipment delivery.

Perrelli advised organisations to enforce or develop policies to protect remote work equipment, the consumption or transport of sensitive data and establish technical controls to help monitor and enforce these policies.

“For example, install technical controls such as a Mobile Device Management (MDM) solution. Threat actors continue to use proven tactics such as ransomware, malware, and business email fraud. Organisations should deploy advance threat detection and response solutions to constantly monitor their now expanded network footprint. Using multi-factor authentication for internet-facing resources, encrypting sensitive data, and disposing of information securely remain vital best practices to protect against credential abuse,” she said.

rohma@khaleejtimes.com