The global coronavirus pandemic continues on, and the cyberattacks and scams continue to multiply. In the midst of the pandemic, hackers are capitalizing on fears surrounding the outbreak by crafting COVID-19-themed attacks aimed at infecting computers with malware or obtaining sensitive, personal information. Below are some of the latest examples of attacks and vulnerabilities to be aware of:
- Johns Hopkins University Interactive Map – Readers may be familiar with a popular interactive dashboard created by Johns Hopkins University using real-time data from the World Health Organization to track the spread of the virus. It has become a go-to source for many wishing to stay up to date on the virus. Recently hackers have circulated links via social media, email attachments and online advertisements to malicious websites that are disguised as the university’s COVID-19 map. However, the deceptive links open an applet that, when installed, infects the device with malware designed to steal personal data such as login credentials, banking information and other sensitive data. To ensure you are accessing the “real” COVID-19 map, directly access it through Johns Hopkins’ official home page, rather than clicking any unidentified links or searching the internet.
- Cyberattack on the Department of Health and Human Services (HHS) – The HHS is the lead federal agency for the COVID-19 pandemic response. It recently experienced a cyberattack in which attackers attempted to overwhelm the department’s systems through a distributed denial of service (DDoS) attack in order to slow them or shut them down. Department officials commented that the attack was unsuccessful, noted that no actual penetration into HHS’s networks or data breach occurred, and are continuing to work on determining the origin of the activity. Even as the government and the public are focused on the public health crisis, the security and intelligence community is also monitoring threats from foreign adversaries and other malicious actors taking advantage of the COVID-19 crisis to launch cyberattacks on susceptible networks.
- Coronavirus Trojan – Another scheme capitalizing on coronavirus fears is a Trojan, or information stealing malicious program, targeting Windows. The Coronavirus Trojan mimics a real map of the global locations of COVID-19 infections, and tricks users into downloading the malware. The malware then steals user credentials and other personal data.
- CovidLock Android Ransomware – A new type of ransomware promises Android users an app purporting to find nearby COVID-19 patients and track the virus’s spread across the world. During the installation, the app tries to convince the user to grant it administrative access. Once the app is installed, the device is locked and the user is asked to pay ransom in bitcoin. If the ransom is not paid, the attacker threatens to release all private information and erase the phone’s memory.
- Android Safety Mask SMS Scam – This scam is in the form of an Android app that pretends to help users find safety masks. Instead, the user is directed to a fake website, while the app attempts to skim the user’s contacts and SMS messages. The victim’s contacts are then sent the same message luring them into the same scam.
- Zoom Security Flaws – Zoom has emerged as the go-to videoconferencing app during the pandemic. However, as the company’s user base has grown, so has its appeal to attackers. On March 30, the FBI warned users of “zoom-bombing,” in which online trolls sneak into meetings and disrupt them with harmful or indecent comments and graphics. That same day, a lawsuit was filed against the company alleging illegal disclosure of personal information to outside companies, such as Facebook, and asserting that Zoom does not utilize end-to-end encryption. Zoom commented in a blog post that it did not design the product with the foresight that, in a matter of weeks, millions of people around the world would be suddenly working, studying and socializing with it. The company is currently evaluating its security practices.
- Health Care Provider Ransomware Attacks – Just as hospitals are struggling to treat an influx of patients suffering from COVID-19, healthcare providers and medical facilities have seen a surge of ransomware attacks. Ransomware attacks typically lock down computers until a ransom is paid for a decryption key. Because health organizations are under such enormous pressure, and computers often contain vital electronic medical records, the ransom is paid more often than it would be pre-COVID-19. In an unprecedented move, Microsoft recently sent out an alert warning several dozen hospitals of vulnerabilities in their infrastructure and providing recommendations for security updates. Microsoft’s threat monitoring team had seen evidence that the health care industry was particularly exposed, and that the adversaries behind attacks had extensive knowledge of systems administration and common network security misconfigurations.
In times of crisis and uncertainty like these, businesses and their employees should be more vigilant than ever against malicious attacks, malware, and scams, especially those relating to the diagnosis, prevention or treatment of COVID-19. Implementation of security best practices will reduce the risk of losing sensitive personal and corporate information and minimize damage and disruption to systems and networks. Among other preventative measures, businesses should revisit (and, if appropriate, enhance) their remote working policies and procedures, require (or reinforce) anti-phishing training, and use email and multifactor authentication. Employees and customers should not click on links without scrutinizing the URL (i.e., ensuring secured websites begin with “https://”, and checking that the domain is the one they expect, since a site disguised as a legitimate one can also use HTTPS), should never respond to emails requesting login credentials, payment information, or other sensitive information, and should be wary of opening suspicious attachments. Visiting websites directly, rather than clicking on embedded links to those sites in emails, is always a good practice. Now is a time to stay vigilant and make sure your cybersecurity practices are up to date. For more guidance on Coronavirus scams targeting businesses, see the Federal Trade Commission’s advice outlining seven COVID-19 related scams that have been reported to the FTC.
McGuireWoods has published additional thought leadership related to how companies across various industries can address crucial coronavirus-related business and legal issues.