Skip to content

Illustration by Security Management

Cyber Criminals Use Wide Array of Pandemic-Inspired Methods

The headline on the Ars Technica blog post sums it up pretty well: “The Internet is Drowning in COVID-19-Related Malware and Phishing Scams.”

As if those responsible for making sure IT and communications infrastructures can handle a rapid transition to 100 percent telework at companies all around the world was not enough of a job, the threat of cyber breaches has escalated in the past week. But bad actors are going to act badly, and when the world sees panic, criminals see opportunity.

First of all: The Johns Hopkins University Coronavirus Map page does not contain malware. In case you need reassurance: here’s the fact check. That said, as Snopes and so many others have said, cyber criminals are mimicking the Hopkins map, as well as the similar map and data page from the World Health Organization, and creating malware, ransomware, and phishing schemes designed to take advantage of a busy and information-starved public. And remember, these criminals are not necessarily the guy in a windowless basement in a dirty t-shirt trying to get rich with bitcoins. Many of these attacks are sophisticated, state-sponsored and highly targeted.

The criminals are dreaming up, and deploying these schemes fast, so while there’s a list of links describing attacks at the bottom of this post, it’s already going to be dated. Things to think about and do now:

  • Alert your staff to the dangers, reminding them of their role in cyberprotection.
  • If telework is something your organization is doing or considering, be sure you use or develop remote work cyber protection tips or policies.
  • On a daily basis (if not more often) check your cybersecurity resources to see if there are new things that would require your action or communication to your employees.
  • Work to ensure HR, IT, and physical security are all acting in concert.

A fake Android coronavirus tracking app is actually ransomware. Masked as an app with pandemic statistics, it locks a phone and demands $100 in bitcoins to unlock.

Group sells kit that uses Hopkins map as click bait to get people to download Java-based malware. The password-stealing malware appears to no longer be for sale, but no information is known about how many people may have tried to purchase and deploy it.

U.S. Health and Human Services Department sees increased cyber attacks. It’s unknown if the attacks are related to the pandemic, and HHS Secretary Alex M. Azar said the attacks were not successful.

Facebook, Google, LinkedIn, Microsoft, Twitter, Reddit, and YouTube release joint statement on misinformation. In the unprecedented statement, the companies pledged to elevate authoritative content and deleting hoaxes.

Czech Republic hospital hit by cyberattack. The hospital is the country’s largest COVID-19 testing center and it’s IT system had to be shut down.

Phishing attacks use real government organizations to look legitimate. From the World Health Organization to the European and U.S. Centers for Disease Control, phishers using realistic domains designed to look like real health organizations to steal passwords.

For more security-related resources on the COVID-19 pandemic, access ASIS's Disease Outbreak: Security Resources page, which is updated regularly.