Jurijs Rapoports: How cybercriminals are capitalising on COVID-19
The basic purpose of a cybercriminal is to exploit humanity when it's in a vulnerable state. And, when it comes to the situation at hand these days, there hasn't been a more vulnerable time in recent history for the world. Unfortunately, cybercriminals are making the most of this situation. Amid all the panic and chaos, people have stopped thinking about things logically. From believing the coronavirus-related information on WhatsApp to stockpiling toilet paper, the world has stopped thinking about anything factually, welcoming cyber attacks with open arms. Here's a small recap of all the bad that cyberterrorism is causing because of the coronavirus.
We've all gotten used to spam and getting infinite messages about herbal vaccines to the virus. But there are times when spam has malware hidden inside. A malware attack first reported by MalwareByte reported that people are supposedly receiving emails from vendors claiming to be representatives of the World Health Organization. The email claims to have an attachment named MyHealth-Ebook.zip containing information about how people can stay safe from COVID-19. But it contains code for a download called GuLoader. GuLoader loads an information-stealing Trojan called FormBook. Formbook is one of the most common info-stealers and has a pretty sweet set of things it can swipe. From logging your keystrokes to stealing browser data to peeking into your copied contents: this Trojan can do it all.
Attacking Medical Facilities
The above incidents report people imitating the WHO, but there are also cases where cybercriminals are launching full-fledged attacks against the health institutes committed to fighting the COVID-19 virus. This includes both medical as well as research facilities. The attacks are pretty much ransomware where the attackers encrypt the files of the facility and require a certain amount of cash to be paid to provide the decryption key. A reported case of a ransomware attack would be the attack on UK's Hammersmith Medicines Research (HMR) which is currently performing trials of a COVID-19 vaccine. The company had all their data encrypted and since they were unable to pay the ransom, data containing information of former patients were released to the public. Another few reported cases are in hospitals. While it doesn't directly have any major effect on the lives of coronavirus patients, the real problem is the crisis it creates for the patients. Hospitals in affected countries like Iran, Italy, and China are already devastated from the number of patients they must cater to. And, having to deal with a cyberattack is not something that they're ready for. It's like adding fuel to the fire that's already burning really high. However, not all news in this article is bad. There are white hat hackers as well as cyber protection companies like Sensora who are coming to the defence of hospitals. Sensora is providing free-of-charge services to hospitals that are affected by ransomware.
How Can you Save Yourself from Cybercriminals?
If you're an organisation looking to stay safe, there's not much you can always do other than keeping your IT support IT-security ready. But, if you're an individual, you should keep an eye on the stuff that you're receiving over the internet. Protect yourself from false news and rely on trusted news sources for information relating to the COVID-19 virus.
Find out how to avoid coronavirus-driven phishing attacks in this article here.