The coronavirus pandemic has created enormous challenges for business continuity with the massive shutdown of offices and other facilities.
Digital infrastructure has become more vital than ever to facilitate remote working.
While the demands on the digital infrastructure have skyrocketed, the technology has become a much bigger and more lucrative target for cybercriminals.
Zscaler, a cloud security firm, claims to have witnessed a staggering 30,000% increase in COVID-19-related phishing, malicious websites, and malware targeting remote users since January.
According to Deepen Desai, VP Security Research and Operations at Zscaler, the firm’s cloud security platform saw 380,000 cyberattacks targeting home workers in March, up from 1,200 in January.
Overall Threats Seen in the Zscaler Cloud
- 85% increase in phishing attacks targeting remote workers
- 25% increase in malicious websites and malware files
- 17% increase in cyber threats targeting enterprise users
COVID-19 Threats Seen in the Zscaler Cloud
- 1,200 threats by January 20, 2020
- 10,000 threats by February 20, 2020
- 380,000 threats by March 20, 2020
Let’s see how cybercriminals are adjusting their campaigns to capitalize on the COVID-19 crisis:
1) Newly Registered Domains (NRDs)
Zscaler researchers witnessed around 130,000 suspicious newly registered domains since January. Cybercriminals are registering new domains to take advantage of COVID-19 related keywords and themes such as test, mask, Wuhan, and kit.
COVID-19 Themed NRDs
- 3,223 by January 20
- 10,165 by February 20
- 96,743 by March 20
- 20,139 by April 20
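A defender can triage a feed of domain registrations for the pattern described above. The following is an added example, not code from Zscaler or from this article: the theme keywords come from the text, while the pandemic anchor terms, the 30-day window, the digit look-alike mapping and the sample records are assumptions constructed for illustration.

```python
import re
from datetime import date

THEME_KEYWORDS = ("test", "mask", "wuhan", "kit")   # themes named in the article
PANDEMIC_TERMS = ("covid", "corona")                # assumption: anchor terms
NRD_WINDOW_DAYS = 30                                # assumption: "new" = <= 30 days old
LOOKALIKE_DIGITS = str.maketrans("013", "oie")      # c0r0na -> corona, t3st -> test


def normalise(domain):
    """Lowercase, drop the TLD, undo digit look-alikes, keep letters only."""
    labels = domain.lower().rstrip(".").split(".")
    name = "".join(labels[:-1]) if len(labels) > 1 else labels[0]
    return re.sub(r"[^a-z]", "", name.translate(LOOKALIKE_DIGITS))


def match_reason(domain):
    """Return the matched terms, or None when the name is not COVID-themed."""
    # A theme keyword alone is noisy ("kit" in "kitchen", "test" in "latest"),
    # so it only counts next to a pandemic term; "wuhan" counts on its own.
    name = normalise(domain)
    pandemic = [t for t in PANDEMIC_TERMS if t in name]
    themes = [k for k in THEME_KEYWORDS if k in name]
    if pandemic and themes:
        return pandemic + themes
    if "wuhan" in themes:
        return ["wuhan"]
    return None


def flag_covid_nrds(records, today):
    """records: iterable of (domain, registration_date); returns flagged rows."""
    flagged = []
    for domain, registered in records:
        age, reason = (today - registered).days, match_reason(domain)
        if 0 <= age <= NRD_WINDOW_DAYS and reason:
            flagged.append((domain, age, reason))
    return flagged


# Constructed sample records (not real observations).
SAMPLE = [
    ("covid19-testkit.example", date(2020, 3, 15)),
    ("c0r0na-masks.example", date(2020, 3, 18)),
    ("kitchen-latest.example", date(2020, 3, 19)),  # keywords, no pandemic term
    ("wuhan-relief.example", date(2020, 3, 1)),
    ("coronamask.example", date(2019, 11, 2)),      # themed, not newly registered
]

if __name__ == "__main__":
    print(flag_covid_nrds(SAMPLE, date(2020, 3, 20)))
```

A match is a reason to review or hold a domain, not proof of abuse; legitimate health and retail sites also registered names with these terms during the same period.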
2) Phishing Attacks
According to Zscaler, COVID-19 related phishing attacks are targeting both corporations and consumers.
On the corporate side, cybercriminals are sending spear-phishing emails disguised as legitimate emails from the recipient’s corporate IT team or payroll department.
On the consumer side, cybercriminals are using malicious emails asking the consumers for personal data to receive their COVID-19 relief fund.
3) Malware Targeting Remote Workers
The COVID-19 pandemic has prompted people to adopt new practices such as social distancing, remote working, and online classes. As a result, organizations and individuals are embracing Virtual Private Networks (VPNs) for security and privacy.
This, in turn, has led cybercriminals to run fake VPN software campaigns, disguising malware as legitimate VPN clients to lure users into downloading and installing it.
4) Skimming Script Targeting Online Shopping
The COVID-19 pandemic has pushed individuals to depend on online shopping for daily essentials, including healthcare, pharmacy, and groceries.
Unfortunately, Zscaler researchers witnessed multiple cases of shopping sites being compromised and injected with JavaScript skimmer code.
When someone attempts to order anything from these compromised sites, the injected script looks for the payment page to capture the user’s personal information and financial data.
5) Cyberthreats Targeting Mobile Users
Cybercriminals are also attacking mobile users with malware and phishing that use COVID-19 themes and keywords.
The security vendor has detected a malicious website that presents itself as a download site for a COVID-19 app. The app is in fact ransomware that locks out the user and demands a ransom to unlock the device.
“A scam asks users to install an Android Application Package (APK) to receive a ‘Corona Safety Mask.’ Instead, it simply installs an SMS Trojan that collects user contacts and sends messages to all those contacts with a download link to lure more users,” revealed Deepen Desai.
In Conclusion
Cybercriminals are quickly updating their techniques, procedures, and tools to target and compromise end-user systems during the ongoing crisis. Businesses must therefore adopt new digital strategies to ensure cybersecurity no matter where their employees work.
How Can We Help?
StealthLabs is a Cyber Security Solutions Provider in Texas, USA with strong domain expertise. Our services include Compliance Advisory, Incident Management, Identity and Access Management, and Managed IT Security.