Following on from last week's article, where we explored how malicious individuals are exploiting the COVID-19 pandemic for their own nefarious gains, luring victims with Coronavirus Maps and malicious apps, this week we are focusing on how threat actors are continuing their criminal activity whilst the rest of the world is in turmoil, and providing advice and guidance on how to protect yourself in these torrid times.
At a time when healthcare facilities are overwhelmed across the globe, threat actors are making the most of the distraction. A key example of this is the COVID-19 testing laboratory in Brno University Hospital in Czechoslovakia, which was hit by a severe cyber attack, resulting in it having to shut down its IT network. Other high-profile attacks include the US Department of Health and Human Services, which suffered an attack on its system, believed to have been an attempt to slow the agency’s system down.
Security companies are also continuously tracking state-sponsored Advanced Persistent Threat (APT) groups from various countries across the globe, and US cyber security firm FireEye reported that a Chinese group, labelled as APT41, had been ramping up activity in recent weeks.
The group, which has been targeting at least 75 organisations in 20 countries, is using campaigns which leverage vulnerabilities in software and devices manufactured by Cisco, Citrix and Zoho. Its aim is to steal intellectual property and corporate data from the banking and finance, defence, government, technology, manufacturing, oil and gas, telecommunications and transport sectors.
Although we have featured some high-profile attacks in this article, all organisations are vulnerable and threat actors will always look for the weakest targets to exploit. Cyber security may have taken a backseat for your organisation amid the current pandemic, but nothing has changed for the malicious individuals performing these attacks, with many using COVID-19 to further their data theft and espionage activities.
Our advice is to ensure that you have updated any relevant systems with the latest security patches and continue to perform regular backups. In addition, every user should be extra vigilant regarding suspicious emails and messages they receive, as phishing campaigns and attacks are continuing.
If your organisation is working from home during this difficult time, we have also put together the following guide to help you ensure you retain a strong security posture.
In the concluding part of our series, we will focus on how fake news and misinformation are being used to leverage people's concerns regarding COVID-19. In the meantime, if you require any assistance or would like to discuss your cyber security requirements in more detail, please get in touch.
© Financechain Limited trading as SES and ses-escrow.co.uk, 2020. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Financechain Limited trading as SES and ses-escrow.co.uk, with appropriate and specific direction to the original content.