previous arrow
next arrow
Slider

Coronavirus now possibly largest-ever cyber security threat

 Published: March 18, 2020  Created: March 18, 2020

By Alex Scroxton

The cumulative volume of coronavirus-related email lures and other threats is the largest collection of attack types exploiting a single theme for years, possibly ever. The total volume of phishing emails and other security threats relating to the Covid-19 coronavirus now represents the largest coalescing of cyber attack types around a single theme that has been seen in a long time, and possibly ever, according to Sherrod DeGrippo, senior director of threat research and detection at Proofpoint.

To date, Proofpoint has observed attacks ranging from credential phishing, malicious attachments and links, business email compromise (BEC), fake landing pages, downloaders, spam, and malware and ransomware strains, all being tied to the rapidly spreading coronavirus. “For more than five weeks, our threat research team has observed numerous Covid-19 malicious email campaigns, with many using fear to try to convince potential victims to click,” said DeGrippo.

“Criminals have sent waves of emails that have ranged from a dozen to over 200,000 at a time, and the number of campaigns is trending upwards. Initially, we were seeing about one campaign a day worldwide; we’re now observing three to four a day. This increase underscores just how appealing global news can be for cyber criminals.” In the past week alone, a number of deeply concerning campaigns have emerged that appear to be targeting the critical healthcare, manufacturing and pharmaceutical industries. DeGrippo said she had observed a campaign originating from advanced persistent threat (APT) group TA505 – which was behind the Locky ransomware strain and the Dridex banking trojan – using coronavirus loads in a downloader campaign.

Downloaders are particularly dangerous threats because once they have been delivered and installed, they can download additional types of malware. The TA505 group is considered to be one of the more significant financially motivated threat actors currently operating. Other campaigns targeting the healthcare sector include emails offering coronavirus cures or vaccines in exchange for bitcoin payment. Needless to say, this is a cover for a downloader, and once it is installed, victims will open themselves up for second-stage ransomware payloads.

Other campaigns targeting the healthcare sector include emails offering coronavirus cures or vaccines in exchange for bitcoin payment. Needless to say, this is a cover for a downloader, and once it is installed, victims will open themselves up for second-stage ransomware payloads.

“They know people are looking for safety information and are more likely to click on potentially malicious links or download attachments. It said that in addition to using protecting virtual private networks (VPNs), 

“The Covid-19 lures we’ve observed are truly social engineering at scale,” said DeGrippo. “They know people are looking for safety information and are more likely to click on potentially malicious links or download attachments. It said that in addition to using protecting virtual private networks (VPNs), home workers should stay particularly vigilant for malicious emails regarding remote access and fake websites aimed at ensnaring unsuspecting remote workers.


https://www.computerweekly.com/news/252480238/Coronavirus-now-possibly-largest-ever-cyber-security-threat


No Thoughts on Coronavirus now possibly largest-ever cyber security threat

Leave A Comment