Cyber News Roundup: Taking Cybersecurity Precautions Amidst Coronavirus Pandemic

Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

If your life hasn’t already been turned upside down as a result of the COVID-19 pandemic, you will want to add cybersecurity precautions to your staying healthy list, in order to further protect yourself and your data. Hackers are exploiting the coronavirus and cyber experts are urging people to take extra precautions to when it comes to clicking links. According to an article in Fortune, the latest hacking techniques are coronavirus-themed phishing campaigns that when clicked, could prompt malicious malware on your system that could be used to steal victims’ personal data or freeze computers. Cybersecurity firm Nocturnus issued a report with these key findings about these new cyberattacks:

  • Coronavirus-themed Attacks: Multiple types of campaigns are occurring that specifically target regions most heavily impacted by the coronavirus with coronavirus-themed files and domains.
  • Leveraging Anxiety: Attackers are abusing the pandemic for their benefit by manipulating people’s anxiety over the virus to trick them into downloading malware.
  • Taking Advantage of Remote Workers: Attackers are taking advantage of the shift to remote work by promoting malware masquerading as VPN installers. This is particularly dangerous as businesses make the transition to remote work and suggest best practices to employees, including the use of VPNs.
  • Using Mobile Malware: Attackers are creating malicious mobile applications posing as legitimate apps developed by the World Health Organization to help individuals recover from coronavirus. Instead, the application downloads the Cerberus banking trojan to steal sensitive data.
  • Targeting Healthcare Organizations: Attackers are using ransomware to target healthcare organizations, arguably the most vital and overworked among us at this time.

Here are security precautions to take especially now, courtesy of Nocturnus:

  • Be Careful: To significantly reduce the likelihood of falling victim to a phishing attack, it is best to be careful while browsing online and checking email. Check the authenticity of the sender for any email you download information from, and check if the content makes sense to you. If there is any doubt, do not click on it and report it to your security team immediately.
  • Watch Out for Shortened Links: If you have any doubt about the validity of a link, open a new browser window and type the URL into the address bar. Examine the URL and make sure it is authentic.
  • Be Wary of Emails Asking for Confidential Information: Emails that ask for information such as credentials, credit card information, and other sensitive data are usually not legitimate. Legitimate organizations, including and especially banks, will never request sensitive information via email and will always redirect you to a secure website or other channels.
  • Only Download Files from Trusted Websites: Double check that a website you are using is legitimate and trusted. To download specific VPNs, search for the company’s official website and install directly from there. Avoid downloading cracked versions, since they are usually bundled with other software or malware and can cause damage to the machine.

In fact, just this week the U.S. Health and Human Services Department was hacked. Sarah Coble, covers the news in Infosecurity Magazine, writing that “the attack was thought to have been motivated by a desire to slow the agency down and spread misinformation among the public.” Jake Moore, cybersecurity specialist at ESET said, “Suffering a cyber-attack in the midst of a pandemic adds salt to the wound when organizations are already at full stretch. We all need to be more vigilant at the moment and take even more caution when communicating remotely.”

Working remotely imposed worldwide: Empowering workers, but precautions are prudent

In an interview with European cybersecurity agency ENISA, ZDNet highlights ENISA’s security recommendations while remote working taking place around the world is skyrocketing around the world. ENISA warns “Attackers are exploiting the situation, so look out for phishing emails and scams,” ENISA said. The agency warns remote workers to be suspicious of any emails asking them to check or renew their passwords and login credentials, even if they seem to come from a trusted source.

“Please try to verify the authenticity of the request through other means, do not click on suspicious links or open any suspicious attachments.”

ENISA says employers should:

  • Provide initial and then regular feedback to staff on how to react in case of problems. That means info on who to call, hours of service and emergency procedures.
  • Give suitable priority to the support of remote access solutions. Employers should provide at least authentication and secure session capabilities.
  • Provide virtual solutions. For example, the use of electronic signatures and virtual approval workflows to ensure continuous functionality.
  • Ensure adequate support in case of problems.
  • Define a clear procedure to follow in case of a security incident.
  • Consider restricting access to sensitive systems where it makes sense.

In the Forbes article, Cybersecurity When It Comes To Remote Work Means Zero Trust, author Jun Wu interviews Alex Willis with Blackberry who says, In today’s world, the remote worker needs to be able to do everything they can do from their desk if you want your organization to remain productive and competitive. Users won’t accept anything less, so it’s also a retention strategy. But, allowing employees to access critical business systems and data from machines and networks you don’t manage or trust means the risk grows exponentially.” What are immediate things medium-sized and small companies can do related to cybersecurity to enable their employees to work from home? Wu writes that regardless of organizational size, cybersecurity planning and response readiness is critical and achievable. NIST is a good resource for published cybersecurity frameworks. “One of the key things about developing a good cybersecurity process isn’t about the resources or the team. Cybersecurity is everyone’s job,” says Willis.

Partner blog of interest: Fortinet: CSO Strategies for Navigating Challenging Times