Covid-19 Still Poses a Health Risk for Your IT Infrastructure

According to Interpol, the international criminal police organisation, criminals have created thousands of new websites to launch spam campaigns and phishing attacks or spread malware in connection with the global pandemic. There are a considerable number of registered domains on the Internet containing the terms "coronavirus", "corona virus", "covid19" and "covid-19". The attackers expect, not entirely without reason, that the cyber defence measures of many companies have been weakened because of the corona crisis.[1] So they use their websites as a basis for spreading spyware and Trojans. According to Interpol, such malware has also been found on interactive coronavirus maps.

IBM X-Force, one of the best-known IT security research teams around[2], has also observed a significant increase of the threat level. The X-Force team members continuously monitor and analyze the IT security situation and use the results to provide the basis for the IBM security portfolio. Their findings underline the analysis of Interpol. In a recent report, IBM even speaks of a 'cyber war' with regard to the current situation.[3]

A Covid-19 SPAM explosion

X-Force specialists report a 60-fold increase of spam containing coronavirus topics as well as the sale of malware in the dark web related to the coronavirus crisis - even virus-related discount codes have been offered. The researchers found that domains related to COVID-19 are 50 percent more likely to be malicious than other domains registered during the height of the pandemic. Phishing activities have also increased. As an example, X-Force cites phishing e-mails aimed at small businesses that want to apply for emergency credits.

The consequences of such attacks can be devastating. The tendency to make hasty decisions in times of crisis accelerates the possibility for criminals to steal data and compromise business processes say X-Force security experts. For example, a denial of service (DDoS) attack on an already congested infrastructure can be far more damaging than an attack launched when additional capacity is readily available.

Hospitals are particularly at risk

According to Interpol the ransomware problem is once again raising its ugly head. Hospitals, medical centres, as well as other public institutions are particularly at risk. Since they are facing special challenges in the current situation and cannot afford to be locked out of their systems, the attackers assume that they will have an easier time getting their ransom money. Ransomware enters IT systems the usual way: through e-mails with infected links or attachments, through compromised employee data or by exploiting a weakness in the system.
Needless to say, the current global IT security problem also affects Swiss companies. The National Centre for Cyber Security of the Federal Government notes that criminals are trying to exploit the fears and worries of the population for their purpose[4]. The security specialists warn of phishing e-mails that allegedly originate from the World Health Organisation (WHO) or the Swiss Federal Office of Public Health (FOPH) and also of telephone calls made on behalf of the FOPH in order to obtain personal information. Furthermore, they warn of purported charities requesting donations to develop a vaccine for COVID-19 and online shops offering medical products such as protective masks that will never be delivered.

A series of challenges

The COVID 19 pandemic appeared very quickly and very surprisingly. Many of those involved were (and are) not equipped to meet the resulting business challenges. This is not surprising: The situation presented a lot of new problems and demanded quick solutions. As far as the IT security situation is concerned, UMB can support you and help you ensure that you and your IT are capable of coping with such unusual situations. The UMB security team is able to quantify your risk and classify the security level of your assets according to criticality and complexity. Please contact us.

[1] https://www.interpol.int/en/Crimes/Cybercrime/COVID-19-cyberthreats

[2] https://www.ibm.com/security/xforce

[3] https://www.ibm.com/downloads/cas/Y5QGA7VZ

[4] https://www.melani.admin.ch/melani/de/home/themen/covid-19.html