Coronavirus Sets the Stage for Hacking Mayhem
The Coronavirus Pandemic has impacted the global economy, daily life, and human health around the world, changing how people work and interact everyday. But in addition to the pressing threat the virus poses to human health, these rapid changes have also created an environment in which hackers, scammers, and spammers all thrive.
Coronavirus phishing scams started circulating in January, from fear and confusion about the virus—and they've only proliferated since. Last week, Brno University Hospital in the Czech Republic—a major Covid-19 testing hub—suffered a ransomware attack that disrupted operations and caused surgery postponements. And even sophisticated nation state hackers have been using pandemic-related traps to spread their malware. The conditions are well suited for cyberattacks of all sorts.
More people than ever are working from home, often with fewer security defenses on their home networks than they would have in the office. Even in critical infrastructure and other high-sensitivity environments where it would be impossible to securely work from home, skeleton crews at the office and general distraction can create windows of vulnerability. And in times of stress or distraction, people are more likely to fall for malicious scams and tricks.
Meanwhile, phishing and scam websites themed around the pandemic are exploding on the web; some reports estimate thousands of new domains cropping up every day. Crane Hassold, senior director of threat research at the email security firm Agari, says that his team is particularly wary of the threat phishing poses to people working remotely. Home Wi-Fi often doesn't have the same defenses—think firewalls and anomaly detection monitoring, systems that would usually be in your office's.
Covid-19 scams aren't just being used by criminals for monetary gain. They’re also showing up in more insidious operations. Mobile security firm Lookout published findings on Wednesday that a malicious Android application has been posing as a Covid-19 tracking map from Johns Hopkins University, but actually contains spyware connected to a surveillance operation against mobile users in Libya.
Rapid changes to daily life during the pandemic have also changed how people interact with internet-connected technologies. Without time to develop tailored defenses, that also means new exposures and risks.