It was only a month ago that cybersecurity was one of the most concerning items on not-for-profit boardroom agendas. The COVID-19 crisis has now placed heightened urgency around the need for sound cybersecurity strategy. In considering a total risk management plan, boards, senior executives, and risk management teams need to be aware that cybercriminals are taking advantage of the current global crisis for their own benefit by using terms related to the crisis to commit cybercrimes. The issues of COVID-19 and cybersecurity combine to pose an increased threat that is worthy of board discussions.
Not-for-profit boards need to be aware that cybercriminals are apt to use any current crisis or hot topic as a ploy to throw desperate people off trails.
New Strategies for Cyberattacks Using COVID-19 as a Pawn
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), has noted many reports of a range of different COVID-19 themed scams, online frauds and phishing campaigns. In fact, since March 10 2020, the ACSC has received on average two incidents per day of Australians losing money or personal information, after falling victim to these cyberattacks. Threat actors aren’t below the idea of using hot topics, occasions, or popular personalities in their social engineering strategies to commit crimes. Criminals are always on the lookout for how they can make money by staying current with global trends and news in much the same way that legitimate corporations operate. Underground forums are flooded with the same types of conversations.
The conversations of criminals are hidden from the general public. Beneath the veil, there is a bustle of activity in purchasing icons, codes, and programs to help them infect the systems they hack. Current hot topics make great decoys that make people vulnerable to attacks. Since the pandemic occurred, cyberattacks that use words and terms related to COVID-19 are increasing.
Some of the terms aren’t ones that you might suspect. If you think about the many topics on any social media outlet, it’s easy to see that people are talking about the need for supplies of toilet paper, masks, ventilators, thermometers, and patient monitors. These words, in addition to words like “COVID-19”, “coronavirus”, and “pandemic” are common keywords that criminals are using in their scams lately. The centre have identified hacks and scams using these words that were used to break into computer systems and infect them with malware. Criminals are preying on the fears of people worldwide. The general public is on a constant search for updated information on the issue and the internet is the first place they’re looking to find it.
The ACSC has been tackling the problem by uncovering and removing malicious websites, approximately 150 so far, run by cyber criminals running coronavirus scams. The range of tools that cybercriminals are using is growing in number and sophistication which makes it difficult for cybersecurity experts to counterattack. Cybercrime encompasses phishing attacks, stealing credentials, monetary fraud, ransomware campaigns, email spam, malware, and more.
Not-for-profit Organisational Leaders Need to be Cyber Aware
With having to face the dual threat of cyberattacks related to the pandemic, it’s more important than ever for not-for-profit boards and senior executives to be cyber aware. Organisations like ACSC, the World Health Organisation (WHO), are good resources where not-for-profit leaders can find more about how to mitigate cybercrime. These organisations have warned organisations about scammers that have been engaging in phishing attacks on emails and social media that are related to coronavirus. Not-for-profit boards need to get education on the most recent types of cyberattacks and how to identify suspicious emails so they can work with risk management teams to mitigate and defend against ransomware attacks.
Tech researchers at Proofpoint have also discovered many hacking campaigns using coronavirus-related terms where malware such as Emotet, NanoCore, and Azorult. Criminals have even come up with a trickbot trojan that provides a disguise over medical advice about COVID-19.
Be Aware of State-Sponsored Hacking Campaigns
Cybersecurity experts warn that it’s not only individual or small groups of hackers that pose a danger to your organisation. There are a good number of hackers lurking in cyberspace that have the backing of their governments—namely in China, North Korea, and Russia.
For cybersecurity experts that are “in the know” these tactics don’t come as a surprise. They’ve learned from past tragedies like the Paris terror attack in 2015 and the oppression of the Uyghur population in China just how far cybercriminals will go to use fear and tragedy to lure unsuspecting people into their schemes.
In Russia, the Hades group is a well-known hacking group. They’ve been linked to one of the first COVID-19 hacking campaigns dating back to February. The group targeted individuals in the Ukraine using spam emails that appeared to come from the Center for Public Health of the Ministry of Health of Ukraine. After creating a national scare in that country, hackers produced a hoard of social media posts announcing the presence of COVID-19 in the country, which quickly went viral. Fear prompted many people to open the malware-infected emails.
Not long after the attacks from Russia, North Korean hackers also used malware as a lure to inform people about the COVID-19 pandemic.
Cyberattacks that originated from Russia and North Korea were smaller than those that stemmed from China, just as we began to receive reports that the COVID-19 situation in China was improving. At the beginning of March, a cybersecurity firm in Vietnam identified a hacking group with the code name Mustang Panda, which was sponsored by China. The group delivered emails with an attachment that reported having an important message about COVID-19 from the Vietnamese Prime Minister. When computer users clicked on the attachment and unzipped the file, it opened a trojan virus through the back door.
On a positive note, as new crises as tragedies arise, it forces not-for-profit leaders to stay on their toes. The need to remain cyber aware is ever-present and will continue to be for the foreseeable future.
Related text: Top Five Best Practices in Not-for-profit Governance