American and British security agencies issued a joint alert Wednesday about sophisticated hackers and other cybercriminals attempting to exploit the novel coronavirus pandemic.
Released by the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and the U.K.’s National Cyber Security Centre, the advisory cautioned individuals, businesses and organizations alike to remain vigilant in the face of ongoing attempts by bad actors to capitalize on the raging global health crisis.
And while the FBI and other federal agencies have previously warned about the coronavirus pandemic being used as a lure in malicious “phishing” emails and text messages, the latest alert noted that scammers seeking commercial gain are not the only sort of cybercriminals exploiting the outbreak.
APT groups — a term used to describe “advanced persistent threat” hackers that are often assumed to be state-sponsored due to the scope, sophistication and intricacy of their attacks — are also among those attempting to use the coronavirus pandemic to their advantage, the government agencies warned in the joint alert.
Without mentioning any APT group by name, the advisory said that some are actively exploiting the outbreak and likely to continue doing so during the coming weeks and months.
“Their activity includes using coronavirus-themed phishing messages or malicious applications, often masquerading as trusted entities that may have been previously compromised,” the agencies warned in the alert, adding that the goals and targets of the APT groups are “consistent with long-standing priorities such as espionage and ‘hack-and-leak’ operations.”
Among the tactics observed while monitoring the online activities of cybercriminals including APT groups was the use of coronavirus and COVID-19, the name of the disease it causes, as a lure meant to entice potential victims, the agencies explained. They cited instances in which malware was attached to emails claiming to include emergency coronavirus information, in addition other phishing emails directing recipients to a website used by criminals to steal data such as log-in credentials and other sensitive information.
Hackers have also been seen capitalizing on the surge of employees working remotely as a result of the coronavirus by exploiting publicly known vulnerabilities affecting various tools and software used in teleworking, the agencies reported.
The advisory was accompanied by advice to avoid falling victim to nefarious coronavirus-related campaigns, as well as data for more than 2,000 web domains and email addresses that the agencies have connected to some of the malicious cyber activity recently observed.
More than 1.4 million people have contracted COVID-19 since the first case was reported in late December, according to Johns Hopkins University. Over 85,000 people have died from the disease and more than 315,000 have recovered, according to the university.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.