Although COVID-19 has dominated the news cycle for the better part of 2020, there is still so little that is known about this novel virus. Feelings of uncertainty continue to pervade our everyday lives, which ultimately benefit nefarious actors.
While cybersecurity may not be the first issue on someone’s mind right now — and rightfully so — cybercriminals are leveraging the heightened attention on COVID-19. In fact, Constella has observed an influx of cybercrime, including sextortion/blackmail emails, fake news, ransomware, phishing and credentials harvesting. It is as important as ever for companies to enhance their security postures and prepare for the cybersecurity fallout of COVID-19.
Today, Constella published its COVID-19 Threat Report, which details notable cyber schemes prevailing over the current cyber threat landscape. The aim of this report is to provide insight for consumers and businesses alike and raise awareness toward these cybercrimes.
Notably, Constella has observed numerous fake news/hoax campaigns that seek to destabilize countries in the international arena, influence the stock market or affect the public’s perception of global governments and/or political parties.
Some patterns that have emerged include:
• messages inciting people to hoard large amounts of essential products in the face of lockdowns
• circulation of fraudulent products that claim to “cure, treat, or prevent COVID-19” which haven’t been evaluated by regulators for safety and effectiveness
• conspiracy theories surrounding the origin of the pandemic that allege the involvement of Chinese government actors.
Beyond the spread of misinformation, which will be a key issue heading into the 2020 U.S. presidential election, hacker groups have targeted entities within the healthcare sector with ransomware campaigns. This is happening in spite of some cybercrime gangs vowing to stop attacking health and medical organizations during COVID-19.
As detailed in the report, Constella has detected numerous ransomware attacks during the lockdown period, including CoronaVirus, CovidLock, and Ryuk Ransomware.
Phishing campaigns have also continued to make headlines, as cybercriminals send virtual messages masquerading themselves as legitimate organizations — such as the World Health Organization (WHO) or the Centers for Disease Control and Prevention (CDC) — targeting hundreds of millions of institutions each day.
Further, as the majority of the global population has been home seeking alternative methods of communication and entertainment, Constella has seen a surge in downloaded social media applications, which has created a lot of traction on underground forums. Cybercriminals are stealing access credentials and confidential data from unprotected apps. In turn, this stolen breached data is sold in black markets and exposed in the deep and dark web. Constella, for example, analyzed various forum activities and uncovered exposed Zoom application credentials.
On deep and dark web forums, Consetlla has also found a significant increase in the number of threads, items offered for sale, and hacking information related to COVID-19. Interestingly, the report lists the most sold items on the black market during the COVID-19 pandemic, and this list includes coronavirus masks, vaccines and cures.
Fortunately, there are many resources that help to combat these threats
Individuals can file a report on malicious Bitcoin addresses associated with blackmail threats and scams at bitcoinabuse.com.
Bayshore Networks, a cybersecurity leader in industrial IoT space, provides a free 90-day program for their OTaccess, a cloud-hosted, software-defined network remote access product so industrial at-home workers can access industrial control systems.
C5’s Cyber Alliance, of which Constella is a member, includes many of the world’s leading cybersecurity experts who contribute their services and knowledge for free to powerfully unite and combat cyber threats to global health organizations.
Consetlla’s VP of Threat Research, Alberto Casares, launched a pro bono effort by aggregating, investigating, and reporting on the various email scams targeting victims of previously exposed credentials.
Everyone must take heightened precautions and be alert for suspicious activity. COVID-19 has impacted more than just our physical sphere — despite dwindling budgets and changes in business priorities, a strong security posture is essential to prevent even further harm. To learn more, download the COVID-19 Threat Report here.
Interested in our work? Please contact us at firstname.lastname@example.org. To learn more about Constella, subscribe to our newsletter below.