For many organisations, cyber security has taken a backseat as we deal with the COVID-19 pandemic. However, a change in working practices and a growing thirst for the latest information have led malicious actors to exploit the outbreak for their own nefarious gains.
We shared some suggestions to keep your organisation running smoothly in these uncertain times in a previous article. However, given the many ways in which malicious individuals are exploiting COVID-19 to lure victims in, we have compiled a short, three-part series exploring some of the tactics used by criminals to exploit the ongoing pandemic and help you remain vigilant.
One of the most successful attacks we have witnessed has been exploiting interest in Coronavirus Maps which can be accessed by the general public to track the spread of the virus. One of the most popular tracking sites is a tracking tool produced by the John Hopkins University. This is regarded as one of the most accurate sources of information and malicious actors are using convincing copies to trick unsuspecting users into downloading and running malicious applications which install malware on the users system to steal sensitive information such as usernames and passwords.
A similar version of this crime, specifically targeting android users is locking them out of their devices with ransomware. A malicious Coronavirus map domain is distributing a version of an outbreak tracker called Covid 19 Track. Whilst the app claims to offer similar data to the John Hopkins map, anyone downloading the app will find that their screen will become locked and will be presented with a ransom note claiming their phone has been encrypted. Victims will then be threatened that all of their content, including pictures, videos and contact lists will be erased if they do not pay a $100 ransom in bitcoin within a 48 hour period.
To minimise risk and protect yourself against these types of attack, we recommend that anyone seeking out a COVID-19 tracker map should search for the relevant website via a traditional search engine and always avoid links sent via email or social media. We also recommend only downloading apps via the official Google Play or App Store to minimise risk and regularly backup your mobile devices so your data can be restored if necessary.
Next week, we will explore how criminals are using the disruption created by COVID-19 to continue their malicious activities. In the meantime, ensure you continue to make cyber security a priority and if you would like to speak to our specialists to discuss your cyber security questions or requirements, please get in touch.
This article was originally published by our Cyber Partners PGI and can be found here. The article has been updated for the benefit of our clients.
© SES Secure Limited and ses-escrow.co.uk, 2020. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk, with appropriate and specific direction to the original content.