Coronavirus has sent a chill through the world economy and has spread fear beyond its origin in the Wuhan province of China. As the virus threatens to become a global pandemic, hackers and cybercriminals are using public apprehension over the outbreak to advance their agendas.
Hackers use coronavirus anxiety to target the healthcare industry
Fears over the coronavirus have hit healthcare industries where convincing-looking emails from the World Health Organization (WHO) or local hospitals contain payloads of key-stroke logging malware. Meanwhile, other attacks are focusing on the disruption to the supply chain that the coronavirus is beginning to inflict.
The supply chain attacks are unleashed with a coronavirus-themed email that contains malicious Microsoft Word documents and installs AZORult, an information-stealing malware.
Meanwhile, IBM recently warned consumers that ransomware has also entered the mix of coronavirus-themed payloads hackers are unleashing. Emails purporting to contain information about the spread of the coronavirus will secretly download the Emotet malware that allows hackers to steal information and deliver malware.
“This new approach to delivering Emotet may be significantly more successful, due to the wide impact of the coronavirus and the fear of infection surrounding it,” said IBM. With no sign that the coronavirus’s spread is slowing, this is ominous news for MSPs and cybersecurity professionals who have devoted considerable resources to fighting ransomware.
Coronavirus-themed attacks use common tactics
While these attacks are preying upon the anxiety over the coronavirus, the tactics they are using are nothing new, according to Vance Saunders, director of the cybersecurity program at Wright State University in Dayton, Ohio. Such predatory behavior by bad guys pre-dates the cyber-era. After natural disasters or national tragedies, scammers have always tried to prey upon human generosity and vulnerability to pad their pockets.
“Anytime that bad guys can take advantage of legitimate concern on the part of a large group of people, they will exploit it,” Saunders tells Smarter MSP, adding that phishing schemes are the “easiest” way to do this for cyber scammers.
Specifically during public crises like the #CoronaVirus, cybercriminals have used #phishing and other attack methods to prey upon human generosity and vulnerability to pad their pockets.
The WHO-themed emails scrape information from legitimate WHO pages to create a convincing-looking fake. For MSPs and security professionals seeking to keep their networks safe, the defense against being duped by a coronavirus-themed email is decidedly low tech.
“It just requires one to take a deep breath before getting caught up in the moment,” describes Saunders.
If a client’s business could be disrupted by the coronavirus, then perhaps a company-wide memo should be distributed to warn employees that phishing scams utilizing coronavirus information are circulating. Education is key. MSPs need to get out in front of the coronavirus malware by warning clients and their employees to not fall for scams that tie into the topic.
When something like coronavirus is all over the news, it can be easier to be drawn into fears of life or death, which the growing pandemic plays upon.
“It’s a perfect storm for the bad guys to exploit,” notes Saunders.
From a security standpoint, professionals need to use significant news events to heighten awareness, especially in industry verticals that tie into it.
“Every time a world event occurs, we know the attacks will be generated,” details Saunders. The events should be used as a reminder to monitor networks extra closely.
Take basic steps
Assuming you have already taken payloads like ransomware or keylogging into your risk management, beyond that it is merely about education and awareness.
“Technology can’t solve this problem,” admits Saunders, pointing to the tendency of people to fall for emails that tie into international news events.
In addition to education, a robust cybersecurity regimen should be in place around the themes of “detect, react, and adapt,” lists Saunders, explaining that one should monitor networks, anticipate what can be anticipated, and put measures in place to mitigate the impact.
In addition to education, a robust #CyberSecurity regimen should be in place where an #MSP monitors networks, anticipates attacks, and puts measures in place to mitigate the impact.
If an employee opens an infected email, you may not necessarily know it right away.
“Some types of malware are virtually impossible to find, even for professionals,” observes Saunders. The standard practices of periodically reimaging machines and backing up data regularly are both vital.
Practicing good cyber-hygiene, education, and deliberation will keep your clients from getting computer viruses. Meanwhile, the medical industry will hopefully find a way to stop the spread of the coronavirus.
Photo: myboys.me / Shutterstock