The Coronavirus Digital Scam

AKATI Sekurity
Mar 23, 2020

Turn on the news, scroll on Facebook, flip through the pages of a newspaper — it seems like everywhere you turn it’s all about COVID-19. They’ve even made memes about it! The World Health Organization (WHO) recently described the outbreak as a pandemic. The respiratory illness has infected tens of thousands of people & killed several thousand.

How Your BCP Could Put You at Risk:

Amid all this mayhem, businesses have no choice but to put their business continuity plans into action, most of which include working from home. While this serves the purpose of containing the spread of the novel coronavirus infection, it might not be the best call in terms of security. Employees working from home opens the floodgates to numerous security risks. What makes it worse is that we must now defend ourselves against the cybercriminals who, as we’ve already seen in the past few weeks, are taking advantage of the panic to craft new phishing and malware campaigns.

The Coronavirus Scam:

As if the threat of this pandemic isn’t enough, everyone now must stay alert and watch out for coronavirus-themed malware. The panic arising from the current circumstances has created a vulnerability that malicious actors have quickly taken advantage of by spreading malware disguised as a “Coronavirus map”.

As the number of coronavirus infections blew well over 200,000 people worldwide, everyone is keeping track of how it’s spreading across the world. Everyone who is keeping a close eye is doing so through the dashboards organizations have made to keep a count of the live updates. While this is a good effort in creating awareness, hackers have now found a way to use these dashboards to inject malware into computers.

Cybersecurity researchers have detected and analysed a certain malware used to weaponize coronavirus map applications. This malware steals credentials such as usernames, passwords, credit card numbers and a variety of other sensitive information stored in the user’s browser. The attackers may use this sensitive information for many operations, such as selling it on the dark web or gaining access to private accounts.


What is AZORult:

The new malware activates a strain of malicious software known as AZORult. AZORult is an information stealer and was first discovered in 2016. This software is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more. It could also download additional malware onto infected machines. AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer. There is also a variant of AZORult that creates a new, hidden administrator account on the infected machine in order to allow Remote Desktop Protocol (RDP) connections.
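Defenders can look for the hidden-administrator behaviour described above in Windows Security logs. The sketch below is an added example, not part of the original article: it correlates event 4720 (account created), event 4732 (member added to a local group) and event 4624 with logon type 10 (RDP logon). The sample records, their simplified field names and the 10-minute window are constructed assumptions.

```python
from datetime import datetime, timedelta

ADMINISTRATORS_SID = "S-1-5-32-544"  # well-known SID of the local Administrators group
WINDOW = timedelta(minutes=10)       # assumed correlation window, tune per environment

# Constructed sample records; field names are simplified assumptions, not a real export format.
EVENTS = [
    {"time": "2020-03-20T09:14:02", "id": 4720, "sid": "S-1-5-21-1-1001", "name": "helpdesk2"},
    {"time": "2020-03-20T09:14:05", "id": 4732, "sid": "S-1-5-21-1-1001", "group_sid": ADMINISTRATORS_SID},
    {"time": "2020-03-20T11:40:17", "id": 4624, "sid": "S-1-5-21-1-1001", "logon_type": 10},
    # New account added only to the Users group: not flagged.
    {"time": "2020-03-21T08:00:00", "id": 4720, "sid": "S-1-5-21-1-1002", "name": "intern"},
    {"time": "2020-03-21T08:01:00", "id": 4732, "sid": "S-1-5-21-1-1002", "group_sid": "S-1-5-32-545"},
    # Existing account (no creation event in scope) promoted: not flagged by this rule.
    {"time": "2020-03-22T10:00:00", "id": 4732, "sid": "S-1-5-21-1-500", "group_sid": ADMINISTRATORS_SID},
]

def find_new_admin_accounts(events, window=WINDOW):
    """Return accounts created (4720) and added to Administrators (4732) within `window`."""
    created, findings = {}, {}
    for ev in sorted(events, key=lambda e: e["time"]):  # ISO timestamps sort chronologically
        ts = datetime.fromisoformat(ev["time"])
        sid = ev["sid"]
        if ev["id"] == 4720:
            created[sid] = (ts, ev["name"])
        elif ev["id"] == 4732 and ev.get("group_sid") == ADMINISTRATORS_SID:
            if sid in created and ts - created[sid][0] <= window:
                findings[sid] = {"sid": sid, "name": created[sid][1],
                                 "promoted_at": ev["time"], "rdp_logon": False}
        elif ev["id"] == 4624 and ev.get("logon_type") == 10 and sid in findings:
            findings[sid]["rdp_logon"] = True  # logon type 10 = RemoteInteractive (RDP)
    return list(findings.values())

if __name__ == "__main__":
    for finding in find_new_admin_accounts(EVENTS):
        print(finding)
```

An account that is created, promoted to Administrators within minutes and then used over RDP is worth investigating even when the account name looks routine.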

How Do We Stay Secure:

The COVID-19 outbreak seems to threaten not only our health but also our safety in terms of digital security. If we’re not careful enough, we would fall prey to these “coronavirus themed” cyber-attacks. While hackers are busy abusing the epidemic for their own gain, researchers have been doing their best to come up with solutions to contain the spread of the virus.


Let us do our part! What can you do to stay cyber vigilant at this time?

1) Avoid Public Wi-Fi
Only use Wi-Fi that you trust. Always avoid using public Wi-Fi for confidential work purposes. If it is absolutely necessary, always use personal hotspots to dial in and access confidential work files. You may use trusted Wi-Fi such as your home network, rather than a shared space Wi-Fi, such as a library, airport or café Wi-Fi. Attackers can intercept traffic on public Wi-Fi using an attack called person-in-the-middle (or sometimes man-in-the-middle). This is where they can read or change the data you’re sending across the Wi-Fi.

2) Keep Devices Locked & Use Strong Passwords
Always make sure your devices are locked to prevent anyone from being able to access them easily. Pick a strong password and make sure to enable Multi-Factor Authentication. This type of authentication will act as an additional layer of security. Systems which require access from the internet, such as work-related systems, email or messaging apps, should be protected. By enabling two-factor authentication, attackers wouldn’t be able to get in even if they’ve guessed your password or stolen your credentials. The more security layers in place, the lower the risk of a cybercriminal gaining access to your sensitive systems.

3) Always, Always Remember to Back Up Your Data
Data can be lost in a number of ways, including human error, physical damage to hardware, or a cyberattack. Ransomware and other types of malware can wipe entire systems without giving you the chance to spot it. Make sure you have an up-to-date antivirus installed and ensure that it runs regular scans. Good antivirus software can act as the next line of defence by detecting and blocking known malware. Even if malware manages to find its way to your device, an antivirus may be able to detect and, in some cases, remove it.

4) Be more vigilant about unexpected emails
It is easy to forget cybersecurity best practices when away from the office. The best strategy is to remain vigilant and sceptical of all unsolicited emails, text messages, social media chats, and attachments. Be extra cautious about suspicious emails you weren’t expecting. In this case, look at the email through your desktop computer and hover over the links to check the ‘sent’ address. When in doubt — don’t click!

These measures, though simple, serve a mighty purpose in securing not only your own privacy but also in preventing the potential of a breach of company sensitive information. At a time of calamity like this one, let us not fall prey to the hands of villains who are trying to reap benefits out of the panic surrounding the outbreak of COVID-19. Let’s get through this pandemic together.

Stay Alert, Stay Secure & Stay Safe. AKATI Sekurity Cares!
