During the COVID-19 crisis, criminals continue to ply their trade and many are trying to exploit the crisis for their gain. As an increasingly large number of employees work from remote locations, it continues to be important for businesses to educate their employees about these kinds of attacks to prevent information systems from being compromised.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) have issued a joint alert about these threats. Common attacks include:
Social engineering methods are often at the heart of these activities, relying on curiosity and concern to persuade potential victims to:
To create the impression of authenticity, malicious cyber actors may spoof sender information in an email to make it appear to come from a trustworthy source, such as the World Health Organization (WHO) or individuals with “Dr.” in their titles. The messages will often contain links to a fake email login page. The emails may also purport to be from an organization’s HR department and advise the employee to open the attachment.
Malicious file attachments containing malware payloads may be named with coronavirus- or COVID-19-related themes, such as “President discusses budget savings due to coronavirus with Cabinet.rtf.”
The CISA and NCSC alert also provides examples of phishing email subject lines:
These emails encourage the victim to visit a website that will try to steal valuable data, such as usernames and passwords, credit card information and other personal information.
While most phishing attacks come via email, some malicious cyber actors also use text messages that purport to deal with unemployment benefit applications or government financial support payments, but really link directly to phishing sites.
The CISA/NCSC alert provides many more details and is well worth reading.
If you believe that your business may have been the victim of a cyberattack, it is important to contact your attorney immediately. The Cybersecurity and Privacy and the Criminal Practice Group attorneys at Warner have experience responding to all sorts of cyberattacks. We can assist you with reporting the incident to law enforcement and making any necessary disclosures to stakeholders. Warner can also assist in connecting you with the experts needed to help you identify the attack, neutralize remaining threats and try to locate any valuable data or lost funds, and we can help you take steps to reduce or defend against litigation resulting from a cyberattack.
For questions concerning cybersecurity and privacy, please contact Norbert Kugele, Madelaine Lane or Brian Wassom.