Here's how cyber-attackers are using COVID-19 to target your business

By on
Here's how cyber-attackers are using COVID-19 to target your business

Are you aware of all these tricks?

If your business doesn’t keep pace with cybersecurity risks, now is the time to do something about it.

That’s because a wave of malicious online COVID-19-related activity, from scam emails to information apps, is hammering businesses.

We recently watched a briefing about this by Vitaly Kamluk, director for Global Research and Analysis Team Asia Pacific at Kaspersky.

An important takeaway is that scam emails are one of many ways attackers are exploiting the pandemic. For instance, Kaspersky is seeing the term “COVID-19” appear in names of malicious files, spreadsheets, other documents and apps.

Its researchers have even spotted seven-year-old malware using “COVID-19” in its file names.

“Using the names and popular terms related with the current pandemic simply elevated the probability of these worm to be opened by another user after it was copied to a network share, or a USB drive,” Kamluk says.

Another trick is a “COVID-19 Inform” app, which prompts users to install it to receive news about the virus from the World Health Organisation.

Email scams include a “Close down order”, supposedly from a Centre for Disease Control and Prevention. The sender is an “HR Department”.

Another email scam invites businesses to take part in a “direct credit initiative” for corporate clients. Like many email scams at the moment, it’s framed as a business continuity measure. A document promising “COVID-19 Communication to Corporate clients” is attached.

Other tactics used in malicious emails include:

  • Offerings of home test-kits
  • Emails claiming to be from medical institutions and staff
  • Information about charities and donations
  • Apps for tracking infections
  • Investment offerings
  • Offers of medical supplies that are in high demand
  • Government financial support initiatives

Kamluk suggests that these emails are designed to take advantage of the chaotic situation some business are operating in.

Your business may also be vulnerable if staff members are working from home. That’s because they may be working on unprotected home networks without adequate cybersecurity.

One risk is that you fall victim to DNS-hijacking, which involves attackers changing your home router settings to route your traffic via malicious servers.

Kamluk recommends deploying dedicated secure gateways to all employees. He says all users should also run antivirus and an endpoint detection and response solution, which automates the process of discovering, investigating and stopping advanced threats. And those systems should report to a central server.

He also recommends using two-factor authentication.

Also consider the sensitivity of the information you’re communicating online and how you’re doing so – there’s been plenty of concern about the security of popular video conferencing applications. If you have extremely sensitive information to protect, Kamluk recommends running dedicated videoconferencing servers on your premises.

Encryption is also important. “We should all be using end-to-end encryption when it comes to sensitive information,” Kamluk says.

Article sponsored by Kaspersky.

Copyright © BIT (Business IT). All rights reserved.

Most Read Articles


What would you like to see more of on BiT?
How To's
Photo Galleries
View poll archive

Log In

  |  Forgot your password?