fbpx
Search
Close this search box.

How Hackers are Using Coronavirus to Compromise Your Computer

Woman scientist working in a lab and looking into a microscope.

Given the rapidly evolving story around the COVID-19 pandemic, countless Americans are actively searching for information. Hackers have taken notice and are wasting no time trying to take advantage in a number of ways.

Website Registrations

Research shows that more than half of the Coronavirus registered domains are malicious. From a recent study by Check Point Software Technologies, Coronavirus-themed domain registrations are 50% more likely to be from malicious actors.

A popular interactive COVID-19 tracking map maintained by Johns Hopkins University was a recent target for malware. Hackers claimed to have compromised the John Hopkins map and that it was distributing malware. Noted security blogger, Brian Krebs, reported Thursday that the map has been targeted by hackers who are selling malware claiming to compromise the map and infect users. Johns Hopkins spokeswoman, Jill Rosen, said the university is aware of the malware that impersonates its COVID-19 site. The malware requires users to download software to generate the fake map, Rosen told MarketWatch. She warned users to only trust the maps at the John Hopkins site and the one maintained by ArcGIS.

Phishing

As of March 11, 2020, we believe that COVID-19 has been primarily used by cybercriminals as a theme for phishing attempts. We have observed at least three cases where reference to COVID-19 has been leveraged by possible nation-state actors. Nation-state actors aggressively target and gain persistent access to public and private sector networks to compromise, steal, change, or destroy information. They may be part of a state apparatus or receive direction, funding, or technical assistance from a nation-state. We assess that as the number of COVID-19 cases rise globally, as well as publicity around the virus, both cybercriminals and nation-state actors will increasingly exploit the crisis as a cyberattack vector.

Cybercriminals will often use the branding of “trusted” organizations in these phishing attacks, especially the World Health Organization and U.S. Centers for Disease Control and Prevention, in order to build credibility and get users to open attachments or click on the link. The number of references to COVID-19 in relation to cyberattacks has increased over the last two months, including country-specific phishing lures as the virus becomes more prevalent in that country. Recorded Future assesses that, for the duration of the outbreak, COVID-19 will continue to be used as a lure, and that new versions of these lures targeting new countries will emerge.

Cybercriminals will often use the branding of “trusted” organizations in these phishing attacks, especially the World Health Organization and U.S. Centers for Disease Control and Prevention, in order to build credibility and get users to open attachments or click on the link. The number of references to COVID-19 in relation to cyberattacks has increased over the last two months, including country-specific phishing lures as the virus becomes more prevalent in that country. Recorded Future assesses that, for the duration of the outbreak, COVID-19 will continue to be used as a lure, and that new versions of these lures targeting new countries will emerge.

COVID-19 has prompted many organizations to adopt dispersed workforces and the continuous flow of new information has provided threat actors a treasure trove of new avenues to attack. Threat actors have been observed creating phishing messages posing as herbal remedies for COVID-19, updates from reputable news sites and government organizations, and corporate updates on the organization’s COVID-19 response.

Tips on How Your Remote Employees Can Stay Safe Online

  • If you are using a COVID-19 tracking map, make sure you are only using maps from trusted domains of organizations such as John Hopkins University and ArcGIS.
  • Be suspicious of links in emails that claim to have new information.
  • Ensure your employees know how to report suspicious emails.
  • Be wary of shadow IT. Report problems of remote connectivity to your company’s IT team, and do not search for a work-around online.
  • Do not enter your username or password into websites that are not used frequently.
  • Make sure your employees know how your company will be broadcasting pertinent information to the organization.

These simple steps will have a drastic impact on protecting your organization during this turbulent time. Cybersecurity is our shared responsibility.

If you have any questions or concerns about your organization’s cybersecurity posture, please contact one of our experts here or calling us at (877) 367-9348. If you’d like to gauge the awareness of your staff around phishing, contact us today for a Free Organizational Phishing Test. We’ll send sample phishing emails to see how vulnerable your team may be as well as tips and recommendations on how to improve with Security Awareness Training. Contact us today to learn more.

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

AI for business: Where do you start? - Corsica Technologies

Where To Start With AI For Business

AI has taken the world by storm. It’s a big buzzword, but it’s also a real technology—and it’s doing some amazing things. That’s great for companies that are already using AI. But what if you’re not sure how to make

Read more
Cloud repatriation - reverse migration - Corsica Technologies

Cloud Repatriation 101: What’s Right For You?

As the phenomenon of cloud migration reaches maturity, companies are starting to scratch their heads—particularly when they compare the long-term cost of cloud hosting to the long-term cost of on-premises hosting. Sometimes, the numbers don’t add up. This is why

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.