• Matross Edwards

CISA Issues COVID-19 Cyber Threat Update (and US-CERT Alert)

Today, the U.S. Cybersecurity and Infrastructure Security Agency ("CISA") published a joint advisory with the UK’s National Cyber Security Centre ("NCSC") in light of cybercriminals exploiting the COVID-19 pandemic by targeting individuals and organizations with a range of ransomware and malware.

According to the joint advisory, some examples include scams with "emails containing malware which appear to have come from the Director-General of the World Health Organization (WHO), and others which claim to offer thermometers and face masks to fight the pandemic."

In addition, the advisory notes that: 

  • The techniques used by attackers prey on people’s appetite for information and curiosity towards the outbreak, with phishing emails and SMS messages using the virus as a lure to trick people into revealing credentials or downloading malicious software.

  • Phishing attempts often come from what appears to be a trustworthy sender, such as the ‘World Health Organization’, or with a subject line such as “2019-nCov: Coronavirus outbreak in your city (Emergency)”.

Experts at CISA and NCSC expect that the both the frequency and severity of COVID-19 cyberattacks will continue to increase over the next couple of weeks and months.

CISA also included an assessment from US-CERT (AA20-099A) on COVID-19 cyberattacks,  including indicators of compromise ("IOCs") for detection, and guidance for organizations and individuals on how to decrease the risk of cyberattacks.

According to the US-CERT Alert, some of the attacks being used are:

  • Phishing, using the subject of coronavirus or COVID-19 as a lure,

  • Malware distribution, using coronavirus- or COVID-19- themed lures,

  • Registration of new domain names containing wording related to coronavirus or COVID-19, and

  • Attacks against newly—and often rapidly—deployed remote access and teleworking infrastructure.


US-CERT: Alert (AA20-099A), COVID-19 Exploited by Malicious Cyber Actors

. . .

#cyberjudicata #cyber

Recent Posts

See All

New FAR Rule Limits Use of LPTA Source Selection

Last month, the Department of Defense ("DoD"), General Services Administration ("GSA"), and National Aeronautics and Space Administration ("NASA") issued a final rule to implement a portion of the 201


Trusted Relationship.

Trusted Resource.

  • LinkedIn
  • Twitter
  • Podcast
  • gcj_box
  • cj_box

Washington, DC


© 2020 Matross Edwards LLC. All rights reserved. Attorney Advertising.

Matross Edwards - Logo.png