The security team at CompuVision has built the following hot list for cybersecurity threats that you need to be aware of.
Bad actors are creating fake COVID-19 monitoring and information sites. These sites lure people in with ‘breaking news’ and ‘latest updates’, exploiting concerns about the outbreak. They then contain malware & use vulnerabilities in Flash, Java & Adobe PDF to exploit weaknesses in systems. Older and non-updated browsers are particularly vulnerable to these attack.
There has been a very high number of new domains registered in the last few months, nearly 10 times the normal amount (Hacker News). Of these new sites, around 20% are considered suspicious. The majority of these domains are being used as “online retailers” to sell COVID-19 cures, immune system boosting products and so on. Non-official websites of this sort should be treated with the utmost caution.
There have already been a number of incidents where hospitals & medical facilities have been phished & attacked. One secondary phishing issue has seen bad actors take control of a medical email (a doctor or doctor’s receptionist for example) and use it to access a patient list to send out further phishing attempts, as well as spread fear and panic. This can be a significant problem, as emails from medical professionals are likely to be implicitly trusted at this time, but users should be extra vigilant, and wary of any email that does not sound 100% legitimate.
There have been a number of phishing attempts using the names and spoofed domains of various health agencies, again capitalizing on the implicit trust that people have for health professionals.
The Canadian Cyber Security Centre has identified a long list of vulnerabilities and recommends the immediate patching of the below. More information can be found via their website.
Telework is a flexible and convenient work arrangement that allows you to work outside of the traditional office environment.
When you use business equipment outside of your organization’s IT security perimeters, it can create a weak link in your organization’s overall IT infrastructure. If it is not properly protected, these remote connections can be exploited by threat actors. It is important to protect your mobile devices, as well as any sensitive information and data—whether at rest or in transit. Threats can potentially jeopardize the confidentiality, the integrity and the availability of the information.
Public Safety Canada’s Cyber Security Centre has released some excellent guidance on “Telework Security Issues”, which can also be found on their website.
There has been a noted increase in emails claiming to provide a “COVID-19 cure” being used to phish & infect machines. Clients should be wary of any/all information via email and on Facebook and other social media platforms unless it’s from an official government authority.
Additional information can be found at https://compuvision.biz/connections/covid-19-cyber-security-threats/, which will be updated as threats are discovered.
We're rolling updates into regular e-mail briefings for business leaders. If you're interested, please subscribe here: