How covid-19 became a fertile ground for cyber criminals
Fear and the need for more information on the pandemic have fuelled a disturbing rise in the number of cyberattacks
In a new report, multinational cybersecurity company Check Point Research has made public startling figures on cyberattacks built to take advantage of the novel coronavirus pandemic. In the three weeks leading up to 12 May, the company recorded around 192,000 coronavirus-related cyberattacks every week, a staggering 30% increase over previous weeks.
The April-May period also saw 20,000 new coronavirus-related domains on the internet—17% of these were malicious or suspicious, according to the report.
So, why has there been such a spike in cybercrime this year? Cybersecurity experts point to two aspects: fear and the need for more information. The rapid spread of coronavirus across the globe and the lockdowns that have been clamped to check it have forced people to work from home—and such users are among the most vulnerable.
“We have seen a 500% increase in covid-related spam mails in the first quarter of this year," says Venkat Krishnapur, vice-president of engineering and managing director of computer security software company McAfee India, explaining how online activity related to the pandemic has proved to be fertile ground for cyber criminals. “They know people are surfing, looking for covid-related search terms. They plan in advance…. The spam level goes up. They weaponize emails with links and attachments that are malicious. The number of URLs that carry malicious content also goes up," he says over the phone.
The scale of the problem is so unprecedented that international organizations like Interpol and the World Health Organization (WHO) have been releasing regular alerts and bulletins for the general public on covid-19 cyberthreats. Last month, Interpol’s cybercrime programme released a report, Global Landscape On Covid19 Cyberthreats, which identified the latest modes and threats. Online scams, phishing and disruptive malware, which includes the dreaded ransomware, are the prominent modes of attack.
“Business Email Compromise (BEC) has become the scheme of choice, involving the spoofing of supplier and client email addresses—or use of nearly identical email addresses—to conduct attacks," the Interpol report adds. Hashtags like #WashYourCyberHands have been trending ever since to keep users up to date about the scams evolving every second.
Video-conferencing apps are being impersonated while platforms like Microsoft Teams and Google Meet have also been used to attract potential victims. Recently, people fell prey to phishing emails that came with the subject “You have been added to a team in Microsoft Teams", the Check Point Research report notes. Clicking on the URL that accompanied this email would install malware on a user’s system, compromising its security. “This is a world that is spaceless, borderless and you really don’t know who is sending you an email," Krishanpur says.
Even organizations such as WHO have been used as a smokescreen. Users have been receiving emails, supposedly from WHO, offering information on safety measures to avoid infection. Some users have even opened emails that claim to be a request to donate to WHO’s COVID-19 Solidarity Response Fund. The fund does exist but WHO would never mail you from, say, a Gmail account, as was the case in this instance.
The organization website has a dedicated page that lists ways to protect yourself from hackers and cyber scammers. The page also carries an official link to the fund. “Any other appeal for funding or donations that appears to be from WHO is a scam," the page explains.
Avinash Prasad, vice-president, managed security services, Tata Communications, says that with the majority of the workforce adapting to a work-from-home situation, organizations will have to rethink the approach to security to become truly borderless.
“During global events or a crisis, some amount of phishing and targeted attack vectors invariably emerge due to the human interest angle…. For example, a threat vector that is being widely reported is the usage of covid-oriented themes for health or system updates for phishing or malware attacks as home workers are more prone to succumb to this technique," says Prasad, on email.
The scams are not aimed only at individual users. During the lockdown months, banks, real estate companies and other institutions too have been sending out SMSes and emails, asking customers to be wary of suspicious calls or emails. The education, healthcare and financial sectors, says Krishnapur, are particular targets. “People are looking for protective equipment, they are looking for cures, sanitizers, masks. Cyber criminals are using that need to create spam emails and URLs where they advertise such products at cheap prices," he adds.
This is not the only time a disease outbreak has led to a rise in malicious activities on the internet, says Krishnapur. Similar trends were also witnessed during the 2014 Ebola outbreak. “These methods are used over and over again. It’s just that the cause varies from time to time."
Clearly, phishing and other cyberattacks are here to stay.How do you protect yourself then? By maintaining what experts call good cyber hygiene. “Cyber criminals are essentially exploiting the man-machine weaknesses. Password hygiene is critical and you have to use the right tools like multi-factor authentication and password generators. The key thing is to stay alert and use common sense," says Krishnapur.
So, the next time you get an unsolicited email or a promotion campaign that looks too good to be true, think twice before you click on it.
FIRST PUBLISHED03.06.2020 | 08:00 AM IST