It was only a month ago that cybersecurity was one of the most concerning items on nonprofit boardroom agendas. The COVID-19 crisis has now placed heightened urgency around the need for sound cybersecurity strategy. In considering a total risk management plan, boards, senior executives, and risk management teams need to be aware that cybercriminals are taking advantage of the current global crisis for their own benefit by using terms related to the crisis to commit cybercrimes. The issues of COVID-19 and cybersecurity combine to pose an increased threat that’s worthy of board discussions.
Nonprofit boards need to be aware that cybercriminals are apt to use any current crisis or hot topic as a ploy to throw desperate people off trails.
New Strategies for Cyberattacks Using COVID-19 as a Pawn
The National Cyber Security Centre (NCSC), a division of the General Communication Headquarters in the United Kingdom, issued a warning that cybercriminals are using the public’s fear of COVID-19 to attack electronic systems. Threat actors aren’t below the idea of using hot topics, occasions, or popular personalities in their social engineering strategies to commit crimes. Criminals are always on the lookout for how they can make money by staying current with global trends and news in much the same way that legitimate corporations operate. Underground forms are flooded with the same types of conversations.
The conversations of criminals are hidden from the general public. Beneath the veil, there is a bustle of activity in purchasing icons, codes, and programs to help them infect the systems they hack. Current hot topics make great decoys that make people vulnerable to attacks. Since the pandemic occurred, cyberattacks that use words and terms related to COVID-19 are increasing.
Some of the terms aren’t ones that you might suspect. If you think about the many topics on any social media outlet, it’s easy to see that people are talking about the need for supplies of toilet paper, masks, ventilators, thermometers, and patient monitors. These words, in addition to words like COVID-19, coronavirus, and pandemic are common keywords that criminals are using in their scams lately. NCSC techs have identified hacks and scams using these words that were used to break into computer systems and infect them with malware. Criminals are preying on the fears of people worldwide. The general public is on a constant search for updated information on the issue and the internet is the first place they’re looking to find it.
NCSC has been tackling the problem by uncovering and removing malicious websites run by cybercriminals running coronavirus scams and other illegal activity. The range of tools that cybercriminals are using is growing in number and sophistication which makes it difficult for cybersecurity experts to counterattack. Cybercrime encompasses phishing attacks, stealing credentials, monetary fraud, ransomware campaigns, email spam, malware, and more.
Nonprofit Organizational Leaders Need to be Cyber Aware
With having to face the dual threat of cyberattacks related to the pandemic, it’s more important than ever for nonprofit boards and senior executives to be cyber aware. Organizations like NSCS, the World Health Organization (WHO), and the U.S. Federal Trade Commission are good resources where nonprofit leaders can find more about how to mitigate cybercrime. These organizations have warned organizations about scammers that have been engaging in phishing attacks on emails and social media that are related to coronavirus. Nonprofit boards need to get education on the most recent types of cyberattacks and how to identify suspicious emails so they can work with risk management teams to mitigate and defend against ransomware attacks.
Tech researchers at Proofpoint have also discovered many hacking campaigns using coronavirus-related terms where malware such as Emotet, NanoCore, and Azorult. Criminals have even come up with a trickbot trojan that provides a disguise over medical advice about COVID-19.
Be Aware of State-Sponsored Hacking Campaigns
Cybersecurity experts warn that it’s not only individual or small groups of hackers that pose a danger to your organization. There are a good number of hackers lurking in cyberspace that have the backing of their governments—namely in China, North Korea, and Russia.
For cybersecurity experts that are “in the know” these tactics don’t come as a surprise. They’ve learned from past tragedies like the Paris terror attack in 2015 and the oppression of the Uyghur population in China just how far cybercriminals will go to use fear and tragedy to lure unsuspecting people into their schemes.
In Russia, the Hades group is a well-known hacking group. They’ve been linked to one of the first COVOD-19 hacking campaigns dating back to February. The group targeted individuals in the Ukraine using spam emails that appeared to come from the Center for Public Health of the Ministry of Health of Ukraine. After creating a national scare in that country, hackers produced a hoard of social media posts announcing the presence of COVID-19 in the country, which quickly went viral. Fear prompted many people to open the malware-infected emails.
Not long after the attacks from Russia, North Korean hackers also used malware as a lure to inform people about the COVID-19 pandemic.
Cyberattacks that originated from Russia and North Korea were smaller than those that stemmed from China, just as we began to receive reports that the COVID-19 situation in China was improving. At the beginning of March, a cybersecurity firm in Vietnam identified a hacking group with the code name Mustang Panda, which was sponsored by China. The group delivered emails with an attachment that reported having an important message about COVID-19 from the Vietnamese Prime Minister. When computer users clicked on the attachment and unzipped the file, it opened a trojan virus through the back door. In a second, similar attack, a group called Vicious Panda targeted government organizations in Mongolia that claimed to have new information about the numbers of new COVID-19 infections.
On a positive note, as new crises as tragedies arise, it forces nonprofit leaders to stay on their toes. The need to remain cyber aware is ever-present and will continue to be for the foreseeable future.