Weeks into the Corona Virus pandemic and life has been dramatically altered, for the foreseeable future. As families adjust to the new realities of a work-at-home, school-at-home, and socialize-at-home culture, digital life has never been more critical to our day-to-day routines. It also means cyber security has never been a greater risk.
Everywhere you turn, malicious actors are pouncing on the chaos created by COVID-19. Take videoconferencing platforms, which has fast become a staple for the work-from-home workforce as well as for families and friends trying to stay in touch. Hackers are targeting platforms with malware attacks to exploit this rise in popularity as a communications lifeline during the pandemic.
As families adjust to the new realities of a work-at-home, school-at-home, and socialize-at-home culture, digital life has never been more critical to our day-to-day routines.
In just the last few weeks, cyber criminals behind the Ginp banking Trojan attempted to steal visitors’ credit card numbers by dangling an offer to provide the exact location of Coronavirus-infected persons in close proximity in exchange for a small fee. Emails purporting to come from the leader of the World Health Organization (WHO) were circulated in a phishing campaign designed to plant a variation of the HawkEye malware on systems for keylogging and credentials stealing. And in another doozy, false messages posted on social media and in text messages invited recipients to click on a link to claim free Netflix passes to pass time during COVID-19-induced isolation—an offer the entertainment giant claims is bogus. That’s just the tip of the iceberg, caution experts who are warning of a prolonged period of cyber security red alerts.
The response: The government, in recognition of heightened cyber security risks, has made public overtures that it won’t put up with any COVID-19-related bad actor actions. Just last week, the U.S. Department of Justice said it will prioritize the investigation and prosecution of coronavirus-related crimes. It has also instructed US Attorneys to appoint local Coronavirus Fraud Coordinators to field reports and investigations aimed at keeping the latest opportunists at bay. In a semi-related move, the White House Office of Management and Budget (OMB) encouraged its own federal agencies to consider alternative methods of authentication to ensure the cyber safety of government employees suddenly thrust into telework scenarios and at increased risk of being hacked.
If the experts are right - and it looks like they are – the lesson is clear: stay vigilant. We are at the very beginning of what’s likely to be a long and dangerous wave of cyber security crime.
* * *
While COVID-19 shines a spotlight on the super heroes in our healthcare sector, it’s also showcasing some pretty impressive manpower doing battle on the cyber security front. Meet Cyber Volunteers 19 (CV19), for example, a volunteer organization of information security professionals set up to provide cyber support post COVID-19 specifically to health care service providers in the U.K. and Europe, which are under attack during this crisis. The group, with more than 3,000 volunteers, is lending its skills in areas such as incident response, research, risk management, and training. There is also the COVID-19 CTI League, a group of 400 cyber security volunteers from more than 40 countries coming together to fight coronavirus-related attacks.
While COVID-19 shines a spotlight on the super heroes in our healthcare sector, it’s also showcasing some pretty impressive manpower doing battle on the cyber security front.
Even cyber security providers are getting in on the act. Cyber Risk Aware, a cyber security awareness training company in Ireland, announced it would provide free COVID-19 phishing tests for businesses, essentially providing a simulation that teaches staffers how to avoid falling for traps. DarkReading has compiled a list of limited-time free offers that security professionals can tap as they retool for COVID-19.
The Surprise Twist: There’s even new resources to give kids a crash course in cyber security. With children of all ages home due to Coronavirus-related school closures, one enterprising couple came up with the idea of the virtual Cyber School, which will host free 45-minute livestreams on topics as far ranging as intro to coding and algorithms along with ethical hacking and social engineering.
* * *
Unmasking technology. File this tidbit away under the heading very interesting or very scary—it all depends on your perspective. In the midst of the COVID-19 pandemic, a Chinese company claims to have developed the country’s first facial recognition technology that can identify people even when they are wearing masks. The firm, Hanwang technology Ltd., or its English name Hanvon, said it used core technology it built over the last decade, along with a database of 6 million unmasked faces and a smaller collection of masked faces, to come up with the system.
China, of course, is associated with some of the most sophisticated electronic surveillance programs, including facial recognition. It’s unclear how this technology will be deployed, and even more uncertain how it will register with the broader population in China and around the world.
Symantec Information Security: Innovation and Strategy for Your Success
Symantec is better positioned than ever to drive innovation and customer success since becoming a division of Broadcom. We are excited to connect with you and share updates on our Information Security solutions including: CloudSOC CASB, DLP, Secure Access Cloud, Compliance and Encryption.
We encourage you to share your thoughts on your favorite social platform.