In the midst of a global pandemic with the outbreak of the Coronavirus, or COVID-19, hackers aren’t putting their tricks into quarantine. While some gangs were promising not to hit medical centers during this time (they recently broke that promise), others are taking full advantage of individuals and businesses looking for the latest status on Coronavirus in their area.
Ransomware Gangs’ Promise – Broken!
Late last week, BleepingComputer reached out to several ransomware operators to see if they would cease from targeting health organizations during the Coronavirus outbreak. Only two responded, both promising to avoid targeting hospitals. DoppelPaymer, one of the organizations to respond, said they always try to avoid hitting medical facilities and even offer the decryption key for free if they hit one by accident. Operators behind Maze ransomware commented, “We (will) also stop all activity versus all kinds of medical organizations until the stabilization of the situation with (the) virus.
It appears the Maze gang broke their promise only days after their pledge. On March 14th, Maze ransomware infected the systems of Hammersmith Medicines Research (HMR). This UK company carried out tests to develop the Ebola vaccine and performs early clinical trials of drugs and vaccines. Additionally, HMR is ready to conduct trials on any Coronavirus vaccines that are being developed. While this attack occurred before the agreement was made, the group published thousands of former patient’s personally identifiable information days after the promise. Why? Because HMR refused to pay the ransom.
So, while assurances such as these may be occurring, they should be taken with a grain of salt, as a hospitals’ current state of desperation makes them more likely to pay a ransom.
FBI Issues Warning of Significant Spike in Coronavirus Scams
On Friday (March 21st), the FBI issued a warning noting that they have seen an unprecedented wave of cyberattacks exploiting individuals and businesses worried about the Coronavirus. A state or nation-wide quarantine appears to be music to the ears of cybercriminals as they continue to exploit the Coronavirus situation to maximize their gain.
With more and more employees working remotely in the practice of social distancing, many companies may be ill-prepared for the threat posed by large numbers of employees taking their devices home, accessing and transmitting sensitive corporate data, customer systems, and personally identifiable information. In a survey conducted by CNBC, more than one-third of senior technology executives say that cybersecurity risks have increased as a majority of their employees work from home. In that same survey, respondents said their organization has seen phishing and other cyber scams rise 40 percent.
“We are hearing from many clients and law enforcement that the level of cyberattacks, phishing attempts, and scams occurring in light of COVID-19 has grown dramatically,” said Miriam Wugmeister, partner and co-chair of law firm Morrison & Foerster’s global privacy and data security group.
How to Avoid Coronavirus Scams
Phishing scams loaded with ransomware are attempting to take advantage of all of us who are worried about the Coronavirus. The most common scams are promoting fake Coronavirus test kits, cures, and bogus charities to donate to help those in need. Another popular scam is companies, such as Starbucks, appearing to offer $100 coupons. While companies are certainly doing their best to help during this time of need, be wary of these offers that seem too good to be true.
To avoid becoming a victim of these scams, we must be diligent about our cybersecurity now more than ever. If you receive an offer or email that seems suspicious, take these steps before clicking on the link:
- The Better Business Bureau has a handy scam tracker. Check this site out for potential scams occurring with up-to-date information.
- Be wary of unsolicited social media, text, or email messages with updates, test kits, cures, or charities. If you need information to stay updated on the Coronavirus, go directly to the source.
- Check the source of all emails. While the email may appear to come from someone you work with, ensure the email address is legit.
Working remotely and practicing social distancing, especially for extended periods of time, can take its toll. However, now is the time to practice your cybersecurity measures. If you are starting to find it challenging to be productive or stay on top of your cybersecurity practices, check out our article on “How to Stay Sane While Working Remotely.”
Photo courtesy of decrypt.co