Covid-19 Pandemic Sets a New Stage for Hackers


Hackers routinely exploit human emotions for financial gain, and the global Covid-19 pandemic is no different. Many countries have already faced countless phishing attacks carrying the Covid-19 tag. These attacks are an updated take on existing hacking techniques. The Covid-19 outbreak has compelled enterprises of all sizes to shift their day-to-day corporate activities from office to home.

Cybercriminals are using social engineering tactics to take advantage of the pandemic. Even large ransomware organizations like Doppelpaymer and Maze have come out with statements regarding their business offerings. They offer exclusive discounts for decrypting and deleting the compromised data. Malicious activities of cybercriminals during this pandemic include flooding healthcare websites with traffic and sending out malicious emails in the name of globally recognized health-related organizations.

What’s new with the latest attacks

Attacks became more prevalent as most companies enabled employees to work from home, with social distancing and safety as top priorities. However, remote working now exposes companies to remote cyber threats. In at least a few companies, careful management of individual devices and networks is not possible in this situation. Employees have to access the office network remotely. If an employee's computer is infected, it can infect all other computers connected to the network. Since most employees connect through home routers that are not updated or patched, this can result in serious exploits. Lack of multi-factor authentication can also put networks at risk. Hackers may harvest weak user credentials and make the network vulnerable.

Some employees use their official devices for personal use. In such cases, they are more likely to be exposed to phishing emails. The common types of phishing email circulated during the Covid-19 pandemic are open redirects, where a website automatically redirects the visitor to a malicious destination, and business email compromise, where the email appears to be sent from a trusted organization. The following are a few examples of such fake emails spread across different countries.

Real-time examples

Cybersecurity firm Proofpoint observed a strange email sent to its customers in February 2020. The message contained details about a doctor claiming to have details of a vaccine funded by the Chinese and UK governments. Those who click on the document attached to the email are taken to a spoof website designed to harvest users' login details.

Another example is an alert purporting to come from Her Majesty's Revenue and Customs (HMRC), in which the email says that residents can claim a tax rebate based on their income to help support them during hard times. Recipients have to click on a link to claim their refund. This directs them to a forged government webpage, which encourages the victims to provide all their financial and tax information.

Many globally recognized organizations, such as the World Health Organization (WHO) and the Centers for Disease Control and Prevention (CDC), were impersonated by hacking campaigns. They sent emails with attachments that claimed to contain measures to prevent the spread of the disease. But the attachment was later found to contain malicious software called AgentTesla Keylogger.

Scam emails designed to look as though they were sent by the CDC also direct victims to a bogus Microsoft page. They are then encouraged to enter their email and password. The victims are further redirected to a real CDC advice page, which makes the scam look more authentic. Another scam email purporting to be from the CDC seeks donations in Bitcoin to develop the Covid-19 vaccine. In both cases, the email addresses and layout look convincing to residents or citizens.

How it differs from Pre-Covid-19 cyber attacks

A key point about most of these cybercrimes is that they follow traditional modes of attack. Studies show that 92% of malware distribution is facilitated via email. This didn't change much during Covid-19 times. Users cannot control what lands in their inbox. However, they can decide which messages or attachments deserve a response. The content of the phishing emails is also similar to what was there in the past. Malware experts at Kaspersky say that they had identified over 513 files with coronavirus in their title which are malware. Healthcare organizations have become the top priority of hackers. Cybercriminals are interested in the information these organizations have collated. The highly regulated, valuable data and people's prompt response to health-related content they receive during the pandemic also attract hackers during Covid-19.

The battle between cybersecurity experts and hackers is ongoing. But the automated phishing attacks that are deployed in huge numbers during difficult times like this make the scene more favorable to the attackers. White-hat groups have joined together to defend against the hackers who are taking advantage of the pandemic. The threat actors have no ethics. However, the methods security experts use to shield against the hackers have proven to be effective against the latest attacks.

How to address the new attacks

A majority of internet users encounter one type of malicious attack or another during their interaction with the World Wide Web, particularly during hard times like this. They can follow the relevant guidelines that need to be practiced during the current situation. Users should ensure that they are accessing emails from trusted sources. Never rely on emails with unexpected documents or requests for your user credentials. Organizations like WHO and CDC have their own cyber guidelines and they regularly update the public about these policies. You can also report any suspicious emails that claim to come from organizations like these.
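The two checks below show how a mail filter could apply the advice above to the scams described earlier: a sender name that claims a health or tax body while the address belongs to another domain, and a link whose query string forwards the reader to a different host (the open-redirect pattern). This is an added example, not code from the article; the brand-to-domain table, the function names and the sample message are assumptions made for illustration, and it handles single-part plain-text mail only.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse, parse_qsl

# Assumed mapping of impersonated brands to their legitimate mail domains.
BRAND_DOMAINS = {
    "world health organization": ("who.int",),
    "cdc": ("cdc.gov",),
    "hmrc": ("hmrc.gov.uk", "gov.uk"),
}
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def domain_matches(host, allowed):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)

def brand_mismatch(msg):
    """Brands named in the From display name whose sender domain does not match."""
    name, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2]
    return [b for b, doms in BRAND_DOMAINS.items()
            if re.search(rf"\b{re.escape(b)}\b", name.lower())
            and not domain_matches(sender_domain, doms)]

def redirect_links(body):
    """(link, target) pairs where a query parameter carries a URL on another host."""
    hits = []
    for link in URL_RE.findall(body):
        outer = urlparse(link)
        for _, value in parse_qsl(outer.query):
            inner = urlparse(value)
            if inner.scheme in ("http", "https") and inner.hostname != outer.hostname:
                hits.append((link, value))
    return hits

def triage(raw):
    """Run both checks on a raw single-part, plain-text message."""
    msg = message_from_string(raw)
    return {"brand_mismatch": brand_mismatch(msg),
            "redirects": redirect_links(msg.get_payload())}

# Constructed sample message; the example.* hosts are placeholders.
SAMPLE = """From: "CDC Health Alert" <alerts@cdc-gov.example>
Subject: Updated Covid-19 guidance

Review the new measures: https://www.example.org/out?url=https://login.example.net/owa
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Either finding alone is a reason to quarantine the message for review rather than proof of phishing, since legitimate newsletters also use tracking redirects.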

If we observe the trend, hackers never hesitate to grab any opportunity during disruptive events that impact the world. The Covid-19 pandemic isn't any different. Cybersecurity organizations confirm that most of the recent campaigns have leveraged the Covid-19 tag to compromise their victims. Coronavirus-themed business emails are used to deliver spam, steal user credentials, and infect victims with malware. While governments and businesses are trying to contain the pandemic, security experts are attempting to identify and contain the current spike in malware. They expect similar threats to continue until the threat from coronavirus settles down across the globe. The best thing any internet user can do is to stay aware of these risks and be in a better position to take the required precautions on time.