A new joint advisory from U.K. and U.S. cybersecurity officials warns that cyber criminals are targeting individuals and organizations with a range of hacking tools like ransomware and malware.
With the U.S. and much of Europe under government-imposed lockdowns due to COVID-19, many employees are working from home to help prevent the spread of the disease. This means employees are relying on their home networks to fulfill their work duties.
According to the advisory from the U.S. Department of Homeland Security Cybersecurity and Infrastructure Agency (CISA) and the UK National Cyber Security Centre (NCSC), cybercriminals are targeting individuals, businesses and organizations of all sizes with these attacks, including phishing attempts and exploiting security lapses in remote meetings.
These tactics include spoofing emails from public health experts like the World Health Organization, claiming to offer thermometers and face masks to help fight the pandemic, and scanning for vulnerabilities in the software and remote working tools that employers are using to communicate with employees during this crisis.
Attackers, including individual cybercriminals and advanced persistent threat (APT) groups, are preying on our appetite for information and curiosity about the coronavirus, with phishing emails and SMS messages using COVID-19 as a lure to deceive users into giving up their credentials or downloading malware, officials say.
Criminals are also looking for vulnerabilities in remote working tools and software like videoconferencing and collaboration software, including Zoom and Microsoft Teams. Hackers are also sending phishing emails with attachments naming legitimate software providers in an attempt to trick end users into downloading malicious files.
Last week, the U.S. Federal Bureau of Investigation warned of online meeting hijackings after two schools in Massachusetts reported unauthorized users joining meetings.
These attacks are expected to increase in frequency and severity over the coming weeks and months, officials say.
To mitigate this risk, the agencies instruct users to follow agency guidance on how to spot phishing attempts and phony messages, as well as security tips on working from home:
- NCSC guidance for the public to help them spot, understand and deal with suspicious messages and emails
- NCSC phishing guidance for organisations and cyber security professionals
- NCSC guidance on mitigating malware and ransomware attacks
- NCSC guidance on home working
- NCSC guidance on End User Device security
- CISA guidance for defending against COVID-19 cyber scams
- CISA Insights: Risk Management for Novel Coronavirus (COVID-19), which provides guidance for executives regarding physical, supply chain, and cybersecurity issues related to COVID-19
- CISA Alert (AA20-073A) on enterprise VPN security
- CISA website providing a repository of the agency’s publicly available COVID-19 guidance