Coronavirus Pandemic Causes Cybersecurity Concerns
In just a few weeks, the coronavirus pandemic completely changed how Americans live their lives. At the same time, new “shelter-in-place” policies upended the way that most businesses do business.
As COVID-19 infections continue to rise and spread, more and more Americans will start to work from home. Due to our already cyber-connected lifestyle and technology, supporting remote workers is easier than ever.
However, an increased dependency on digital infrastructure also offers a greater variety of exploitable targets for hackers. According to CrowdStrike CEO George Kurtz, hackers have already stepped up the frequency of their cyberattacks. Meanwhile, a Threatpost poll revealed a low level of security preparedness when it comes to supporting remote workers.
In “Why Cybersecurity Matters More Than Ever During the Coronavirus Pandemic,” Algirde Pipikaite and Nicholas Davis connect the COVID-19 pandemic to elevated security risks. Pipikaite and Davis argue that more time spent online could lead to riskier behaviors.
The authors also caution remote workers that hackers will exploit pandemic-related anxieties in their phishing campaigns. Hackers love to play on your fears and anxieties. Right now, nothing inspires more fear and anxiety than the coronavirus. According to security experts, coronavirus-themed domain registrations are 50% more likely to be attached to a malicious hacker. We have already seen hackers load malware onto a map that spoofs the virus tracker maintained by Johns Hopkins University.
Pipikaite and Davis offer this advice for companies concerned about the online security of their remote workers:
- Step up your cyber hygiene standards.
- Be extra vigilant on verification.
- Follow official updates.
Meanwhile, in the interest of providing our clients and followers with useful information, we put together this special coronavirus-themed edition of the CNS data breach news roundup.
CORONAVIRUS AND CYBERSECURITY NEWS STORIES
Just as Americans began to realize the scope of the coronavirus pandemic, hackers hit the U.S. Health and Human Services Department with a cyberattack. Described as a distributed denial of service (DDoS) attack, it was an attempt to overload department servers with millions of hits over a few hours. Government officials claim that the attack was not successful and no data was lost.
Meanwhile, the National Safety Council tweeted about a “campaign of disruption and disinformation” related to fake text messages. An attempt to artificially inflate COVID-19 panic, the text messages warned about an imminent national quarantine. Given the speed and sophistication of the campaigns, insiders see Russia and China as “the most likely perpetrators.”
In the aftermath of the attack, Sen. Michael Bennet (D-CO) called on federal health agencies to allow an investigation into their security capabilities. Sen. Bennet sent the letter to the Department of Health and Human Services, the National Institutes of Health and the Centers for Disease Control and Prevention. Lawmakers and experts especially worry about the security vulnerability of hospitals, food supplies and other vital services.
Already reeling from the worldwide decline in tourism and an outbreak aboard the Diamond Princess liner, Carnival Cruise Lines also recently announced a massive data breach. The breach resulted from a successful phishing campaign in May 2019. Exposed PII includes names, Social Security numbers, government ID numbers, passport numbers, credit card and financial account information, health information and more. The company expects to halt operations for several months during the coronavirus outbreak.
Hackers want to exploit the current climate of fear and uncertainty for their benefit. In one of the most despicable efforts to date, hackers spoofed the World Health Organization (WHO). They distributed a phishing email with a malware-infected link to a fake coronavirus e-book contained in a ZIP file. The incorrect hyphen added to “corona-virus,” along with other formatting and grammatical errors in the email, would set off alarms in security-aware end-users.
Over the last year of compiling data breach news articles, state governments appeared again and again. Now these vulnerable but vital organizations will send most if not all of their employees to work from home. The State of California alone employs over 200,000 people. But do they have updated security patches and firewalls? Are they running off an outdated and unsecured operating system such as Windows 7? Can their servers and Wi-Fi networks handle the additional bandwidth? These are the questions state governments will need to address in the weeks ahead.
With quarantines and social distancing efforts keeping most people at home, most city, county and state governments anticipate a recession. Unfortunately, the Louisiana Division of Administration spent over $2 million responding to various cyberattacks over the last year. Most of the costs went to paying staffers to travel to multiple districts and agencies to deal with ransomware recovery. Meanwhile, the New Orleans city government recently announced it would spend over $7 million to respond to a December ransomware attack against City Hall.
Additionally, Tillamook County in Oregon announced that it paid hackers a $300,000 ransom to regain access to its data. Carried out by an “international cybercriminals organization,” the attack encrypted county data on Jan. 22. The county’s server, website, internal systems, phone systems and email networks were all affected by the attack.
During a special meeting about the coronavirus, the Burke County Board of Education received updates on a March 8 cyberattack. The attack occurred through a successful phishing campaign and the use of Emotet malware. Although no Social Security numbers got compromised in the attack, the county will need to clean every single server, machine and device.
After an Arapahoe County employee clicked on the malware-infected, pseudo-CDC map mentioned above, county IT staff rode to the rescue. They shut down and isolated the malware, and then offered some additional security awareness training to the guilty party. Multiple formatting and grammatical errors in the phishing email should have been the tipoff. Thanks to the quick response, IT staff prevented the county’s 2,700 computers from getting infected.
Check back later this month for more cyberattack news coverage, and stay tuned for additional coronavirus-related security updates. Meanwhile, if you’re concerned about the online security of your remote workers, call Capital Network Solutions at (916) 366-6566. We can prevent you from becoming the next headline by protecting your system, data, email, devices and more.