By Grant McCracken, head of security operations, Bugcrowd.
For some time now, COVID-19 has dominated every aspect of civilian life. The global workforce, healthcare systems, and international news cycles have all been impacted by the pandemic, which wreaked havoc in every area of what was once normal life.
COVID-19 is top of mind for cyberattackers too. The combination of the financial downturn and universal chaos creates the perfect storm for criminals looking to make a quick buck. At the end of the day, attackers run their own businesses too and we should always expect assailants to capitalize on chaos. Targeting healthcare systems, hospitals and workers on the front line are no exception, especially given the mass influx of patients at hospitals, longer work hours and general uncertainty.
Financial gain is the strongest motive for cybercriminals and healthcare is already a vulnerable target; healthcare assets are exceptionally attractive by default, with sensitive information, delicate infrastructure and the fact that these systems cannot experience downtime.
Just last month, the WHO reported a five-fold increase in cyberattacks on its employees. Around 450 WHO email addresses and passwords were leaked, as well as information of thousands of people currently working on COVID-19 responses. Since then, the agency has begun to relocate affected systems to a more secure arrangement, including the utilization of a safer authentication process. This is only the tip of the iceberg.
In late March, a group of attackers impersonated WHO staff in emails and targeted civilians in attempts to obtain donations to fraudulent COVID-19-based nonprofits. While the source of the attack was not confirmed, it is possible that an accomplished hacking group called DarkHotel was behind the attack, according to a Reuters report.
On top of that, attacks across industries have spiked exponentially. Google observed more than 18 million malware and phishing emails related to COVID-19 a day during the first week of April and Zscaler reported a whopping 30,000% increase in COVID-19 themed phishing incidents, malicious websites, and malware attacks since January 2020.