Menu
Menu

Groups targeting organizations in ransomware attacks during COVID-19 pandemic, DHS warns

April 23, 2020 3110

The U.S. Department of Homeland Security on April 8 issued a cyberthreat alert on the growing use of COVID-19 related online schemes to steal sensitive information from unsuspecting users, including individuals and organizations.

The U.S. Department of Homeland Security on April 8 issued a cyberthreat alert on the growing use of COVID-19 related online schemes to steal sensitive information from unsuspecting users, including individuals and organizations.

“The techniques used by attackers prey on people’s appetite for information and curiosity towards the outbreak, with phishing emails and SMS messages using the virus as a lure to trick people into revealing credentials or downloading malicious software,” according to the joint advisory from the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency and the UK’s National Cyber Security Centre.

CISA advises taking extra precautions when opening emails that appear to be from a trustworthy sender or have subject lines about the COVID-19 outbreak. Other steps you can take to protect yourself and others in your address book include:

  • Take caution with unsolicited attachments, even from people you know.
  • Keep software up to date.
  • Trust your instincts.
  • Scan attachments before opening them.
  • Turn off the option to automatically download attachments.

In addition to COVID-19 phishing schemes, CISA and NCSC say cybercriminals are targeting more people who are working from home during the pandemic and have been “scanning for known vulnerabilities in remote working tools and software.”

Because more companies are relying on a remote workforce to stay connected to employees, the FBI has reported an increase in video-teleconferencing hijacking on platforms such as Zoom and Microsoft Teams.

CISA recommends remote workers follow this FBI guidance to help prevent VTC hijacking:

  • Ensure meetings are private, either by requiring a password for entry or controlling guest access from a waiting room.
  • Consider security requirements when selecting vendors, such as end-to-end encryption.
  • Ensure VTC software is up to date.

The agencies are expecting COVID-19-related attacks to increase in frequency and severity over the next few weeks and months and urge individuals and organizations to remain vigilant to these threats and cautious with suspicious emails.

For additional guidance on how to decrease the risk of a cyberattack, read the CDA article “Protect your practice from increased ransomware risk during COVID-19 crisis.”