• Matross Edwards

CISA Issues COVID-19 Cyber Threat Update (and US-CERT Alert)

Today, the U.S. Cybersecurity and Infrastructure Security Agency ("CISA") published a joint advisory with the UK’s National Cyber Security Centre ("NCSC") in light of cybercriminals exploiting the COVID-19 pandemic by targeting individuals and organizations with a range of ransomware and malware.

According to the joint advisory, some examples include scams with "emails containing malware which appear to have come from the Director-General of the World Health Organization (WHO), and others which claim to offer thermometers and face masks to fight the pandemic."

In addition, the advisory notes that: 

  • The techniques used by attackers prey on people’s appetite for information and curiosity towards the outbreak, with phishing emails and SMS messages using the virus as a lure to trick people into revealing credentials or downloading malicious software.

  • Phishing attempts often come from what appears to be a trustworthy sender, such as the ‘World Health Organization’, or with a subject line such as “2019-nCov: Coronavirus outbreak in your city (Emergency)”.

Experts at CISA and NCSC expect that the both the frequency and severity of COVID-19 cyberattacks will continue to increase over the next couple of weeks and months.

CISA also included an assessment from US-CERT (AA20-099A) on COVID-19 cyberattacks,  including indicators of compromise ("IOCs") for detection, and guidance for organizations and individuals on how to decrease the risk of cyberattacks.

According to the US-CERT Alert, some of the attacks being used are:

  • Phishing, using the subject of coronavirus or COVID-19 as a lure,

  • Malware distribution, using coronavirus- or COVID-19- themed lures,

  • Registration of new domain names containing wording related to coronavirus or COVID-19, and

  • Attacks against newly—and often rapidly—deployed remote access and teleworking infrastructure.

CISA Release: UK AND US SECURITY AGENCIES ISSUE COVID-19 CYBER THREAT UPDATE

US-CERT: Alert (AA20-099A), COVID-19 Exploited by Malicious Cyber Actors

. . .

#cyberjudicata #cyber


Recent Posts

See All

SBA Extends HUBZone Map Freeze Through June 2023

Today, the U.S. Small Business Administration ("SBA") published a direct final rule to extend the Historically Underutilized Business Zone ("HUBZone") program map freeze until June 30, 2023. SBA's pr

Joshua Duvall Successfully Recertifies as a CISSP

We are pleased to announce that managing partner Joshua Duvall successfully fulfilled the requirements by (ISC)² to recertify as a Certified Information Systems Security Professional ("CISSP"), a cert