The U.S. Department of Homeland Security (CISA) and the U.K.’s National Cyber Security Centre (NCSC) have issued a joint alert regarding cyber attacks with Covid-19 themes.
While I have said this is a problem up until now, that was me sounding the alarm.
Now both Homeland Security and the National Cyber Security Centre are saying it is a problem and with details.
The attacks fall into the following categories. There are a lot of variants within each category:
On the other hand, the attack techniques are time honored – social engineering for the most part. The last category combines social engineering with basic attacks of insufficiently hardened infrastructure.
So what is it that the hackers want your employees to do in order to compromise your network and systems. Here are the basics:
These are very basic techniques but when people are stressed and are in unfamiliar situations like working from home or not being allowed to leave your house except for essential things, people don’t always focus.
I have posted the entire DHS/CISA and NCSC joint alert here. There is a lot of additional information and even some examples in the alert.
If you need assistance or have questions, please reach out to us.
In the meantime – stay safe.