What pandemic? It appears cybercriminals are largely unaffected by the ongoing global outbreak of COVID-19. At a time when computer networks and internet access have become more important than ever, cybercrooks are not letting up on their schemes. Ransomware and DDoS attacks are on the rise. New kinds of cyber threats have emerged. Hospitals and healthcare institutions have even become favorite targets.
Rising DDoS and ransomware attacks
A paper released by the European Union Agency for Law Enforcement Cooperation (EUROPOL) reveals an unsurprising but still alarming behavior among cybercriminals. The agency discovered how crooks are stepping up their attacks even in the midst of a global pandemic. Hackers are also reportedly exploiting new vulnerabilities that have emerged in relation to the global response to COVID-19.
Most of the attacks are not necessarily new, but security experts see an intensification of cybercriminal activities. Bad players are said to be recruiting collaborators to defeat security measures more effectively. Concerted efforts to maximize the effects of attacks on institutions are becoming common.
The EUROPOL report suggests that the coronavirus pandemic is amplifying the impact of successful attacks on certain institutions. That’s why it’s becoming more imperative to have all of the necessary defenses, including malware prevention and DDoS protection. Effective cyber resilience is particularly vital for organizations and facilities working to fight COVID-19.
The report notes a minimal increase in DDoS attacks immediately following the outbreak. However, the volume of these attacks is expected to rise in the short and medium term. On the other hand, there’s an upward trend in ransomware threats. Some inexperienced attackers are expected to resort to ransomware-as-a-service attacks, which may be less likely to succeed but should not be treated lightly. EUROPOL also sees an uptick in malicious domain name registration.
Cybercriminals understand the importance of online connectivity, as lockdowns and community quarantines force people to stay at home and rely on the internet for their work, shopping, and entertainment. These cyber crooks escalate their attacks when businesses and organizations are more likely to succumb to extortion (through ransomware) as they desperately seek to recover and maintain their uptime. They may also attack (using DDoS) to disadvantage business competitors, pursue hacktivist ends, or advance political agendas.
‘Innovative’ attacks
As mentioned, attackers are becoming ingenious as they see more potential victims with more people staying at home and spending more time on the internet. The early months of the global COVID-19 outbreak have seen the rise of COVID-19 malware, which targets people who are eagerly looking for updated information about the pandemic.
This malware convinces people to install an application that supposedly provides a visual presentation of the global health problem along with numerous stats from different parts of the world. Its main objective is to trick victims into submitting their login credentials for Facebook, Netflix, and other online accounts. As soon as the victims interact with this malicious app, tabs or modal windows pop up, asking the user to sign in to their social media or other online accounts so they can access the information they need.
Another “enhanced” form of cyberthreat that rides on the coattails of the COVID-19 infamy involves a combination of ransomware and DDoS attacks. This may be referred to as RDoS. This threat often uses DDoS as a smokescreen so ransomware or other malware can be introduced into a system with less attention from an organization’s security team. In some cases, the DDoS itself is the main attack and the attackers tell the victim that they will only stop if the latter pays the ransom demanded.
Attacks on healthcare institutions
On March 13, a high-profile cyber attack hit the second-biggest hospital in the Czech Republic, which is tasked with conducting COVID-19 tests. The hospital is managed by the Czech health ministry. It’s unclear how the attack affected the hospital’s systems, but it’s a clear reminder of the need to beef up cyber security.
The United States Health and Human Services (HHS) suffered a similar attack, intended to disrupt its services as well as to sow disinformation. The National Security Council said that the attack failed to impair the normal functioning of the HHS and federal networks. Efforts are underway to strengthen IT security across the board as attempts to undermine the government’s response to the COVID-19 pandemic are expected to intensify.
In the last week of March, the French cybersecurity agency revealed that the Paris hospital authority became the target of a cyber attack. The incident reportedly attempted to disable hospital services by overloading the agency’s computers.
These are just some of the many examples of the incessant and increasing attacks on hospitals and other healthcare facilities. The International Criminal Police Organization has issued a purple alert to all member countries on this matter, citing their detection of a considerable increase in cyber attacks on organizations involved in the ongoing pandemic response.
Keeping safe
To combat the intensified attacks of cybercriminals, it’s important for businesses, institutions, government agencies, and individuals to step up. This does not necessarily mean that new software defenses and methods are needed. The tools and strategies for fighting cyber threats then and now are mostly the same. What needs an upgrade is people’s cybersecurity vigilance and mindfulness.
It’s essential to have all the basic protection, including antivirus or anti-malware software, an updated operating system, updated apps, and VPNs (in some cases). Almost all of the leading antivirus or malware prevention tools at present are multifunction, providing more than just basic virus detection and removal. They also include highly useful features like email attachment scanning, privacy management, link scanning, and real-time malware blocking (when accessing web pages). OS and app updating, on the other hand, is necessary to make sure that you are using software that has the latest security patches and bug fixes.
More importantly, everyone needs to be more aware of the threats. Social engineering remains the most viable approach in successful cyber attacks, as it takes advantage of the infirmities of human judgment. That’s why it’s vital to be careful when clicking on links, downloading attachments, and installing applications. Security experts also advise against using unfamiliar web pages or doing browser-based app installation, especially if they were shared by unknown sources.
For organizations that run online services or operate interconnected computer networks, it may be necessary to sign up for security solutions such as DDoS protection, web app firewalls, bot management, API security, runtime application self-protection, and account takeover protection. Most businesses likely already have these, but the current security systems put in place may need reassessment and updating.
The takeaway
Enhanced and increased attacks from cybercriminals during crises are not unexpected. The only logical response to these is to be equally clever by anticipating the threats, installing all the necessary protective measures, and improving your cybersecurity knowledge and instincts. Stepping up against cybercrime does not always require new security solutions. In most cases, it’s enough to update your software, enforce security measures more strictly, and keep abreast of the latest threats and best practices.