The spread of the Coronavirus has been accompanied by a further increase in cyberattacks against remote workers, government agencies, as well as national and international medical facilities. As the threats evolved, more warnings were issued by intelligence, national security and law enforcement agencies.
National security and law enforcement agencies warnings
In a joint advisory published by the U.S. and the U.K., officials detail various kinds of hackers as they continue to exploit the crisis. Specifically, hackers are involved with carrying out phishing and ransomware attacks as well as distributing malwares through malicious and fake videoconferencing and remote access applications. Recently, the FBI and Interpol published advisories that warned against cyber espionage operations by state-sponsored hackers and ransomware attacks that target medical institutions who have publically stated their involvement in COVID-19 related research. An internal warning was issued by NASA.
Warnings were also issued regarding the highly popular Zoom application. According to the FBI and India’s national CERT team, malicious actors have interrupted and hijacked online school classes. Malicious actors could also impersonate Zoom to steal information, carry out spamming, conduct phishing attacks and extort money. In response to the warnings, many government agencies and companies placed limitations or banned the use of the application, including Google, SpaceX, the U.S Senate, the Taiwanese government, the German Ministry of Foreign Affairs and the Australian Defence Force. On April 26th, Zoom’s CEO admitted that some non-Chinese users’ call data was mistakenly routed through China, an issue that has raised concerns regarding data privacy.
Heightened state-sponsored malicious cyber activity
Nation States have also increased their cyber espionage operations. A FireEye report identified a Vietnamese cyber espionage campaign that targeted Chinese government agencies in search of COVID-19 related information. Google’s Threat Analysis Group has identified over a dozen state-sponsored hacker groups targeting healthcare institutions. At the same time, states continued to spread false information in order to control narratives. A social media analysis company, Graphika, has identified an Iranian disinformation campaign aimed at accusing the U.S of creating and spreading the Coronavirus. An EU report about Chinese, Russian and Iranian disinformation campaigns was watered down after pressure from Beijing.
Increasing targeting of medical institutions and other related organizations
Cyberattacks continue to target medical institutions and other organizations as they struggle with the effects of the crisis. While hospitals in the Czech Republic foiled cyberattacks on their systems, Italy's social security website was taken down. Knowledgeable sources informed Reuters that Iranian-linked hackers had been responsible for the attacks on the World Health Organization in March 2020. The organization itself reported a fivefold increase in cyberattacks on its networks in comparison with the same period last year.
States and private sector companies announce efforts to mitigate the threats
States are planning to take a more pro-active approach to mitigate threats. Australia announced that the Australian Signals Directorate (ASD) mobilized its offensive cyber capabilities in order to thwart Coronavirus-related attacks and malicious activities. A bipartisan group of U.S senators called upon the Cyber Command to evaluate actions and to detect and deter cyber threats in the healthcare sector. The Department of Justice (DOJ) has increased its cooperation with technology companies in order to remove hundreds of malicious COVID-19 related websites.
Several other initiatives were launched by leading technology companies. Whatsapp and Facebook have taken steps to limit the spread of false information on their respective platforms. Facebook announced its cooperation and support of more than 60 fact-checking and content rating organizations in more than 50 languages. Microsoft has announced that its email security service AccountGuard is now available for free to healthcare staff.
|
|
|
