720-891-1663

Return to the list of client alerts

 

DHS and NCSC Issue Covid Related Hacking Alert

The U.S. Department of Homeland Security (CISA) and the U.K.’s National Cyber Security Centre (NCSC) have issued a joint alert regarding cyber attacks with Covid-19 themes.

While I have said this is a problem up until now, that was me sounding the alarm.

Now both Homeland Security and the National Cyber Security Centre are saying it is a problem and with details.

The attacks fall into the following categories.  There are a lot of variants within each category:

  • Phishing using the subject of Covid-19 as a lure
  • Malware distribution using Covid-19 as a lure (as in some sort of Covid-19 related app, for example)
  • Registration of new domain names containing words related to Covid-19 and
  • Attacks against newly and likely insufficiently hardened remote access and teleworking infrastructure

On the other hand, the attack techniques are time honored – social engineering for the most part.  The last category combines social engineering with basic attacks of insufficiently hardened infrastructure.

So what is it that the hackers want your employees to do in order to compromise your network and systems.  Here are the basics:

  • Click on a link to take them to a malicious web site
  • Download malware that compromises your systems and networks
  • Open a file (like an email attachment) that contains a virus or worse, a worm (worms can spread across your network with no help)

These are very basic techniques but when people are stressed and are in unfamiliar situations like working from home or not being allowed to leave your house except for essential things, people don’t always focus.

I have posted the entire DHS/CISA and NCSC joint alert here.  There is a lot of additional information and even some examples in the alert.

If you need assistance or have questions, please reach out to us.

In the meantime – stay safe.