COVID-19 and Cybersecurity

In today’s complex and interconnected world virtually no major event occurs without an associated cyber threat. The COVID-19 pandemic is exception. As all of us work to mitigate this threat, we should be aware of how cybersecurity impacts us in doing so.

The Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment or hyperlink, and be wary of social media pleas, texts or calls related to COVID-19.

CISA encourages individuals to remain vigilant and take the following precautions.

• Avoid clicking on links in unsolicited emails and be wary of email attachments. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.
   
• Use trusted sources—such as legitimate government websites—for up-to-date, fact-based information about COVID-19.
   
• Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.
   
• Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
   
• Review CISA Insights on Risk Management for COVID-19 for more information.”[1]

In addition, threats may take on the form of websites providing critical information to the public. For example, according to both CISA and the U.S. Department of Health and Human Services, a malicious website pretending to be Johns Hopkins University’s live map for Coronavirus COVID-19 Global Cases is circulating on the internet waiting for unwitting internet users to visit the website.

Visiting the website infects the user with the AZORult trojan, an information-stealing program that can exfiltrate a variety of sensitive data. It is likely being spread via infected email attachments, malicious online advertisements and social engineering. Furthermore, anyone searching the internet for a coronavirus map could unwittingly navigate to this malicious website.

While dedicated attacks to interfere with or slow response to this crisis remain a concern at federal and state levels, the primary cyber-related concerns for most of us related to COVID-19 include:

• Malicious actors attempting to take advantage of the current crisis to spread disinformation.
   
• Injecting malicious software (malware) onto individual machines and networks.
   
• Stealing or otherwise compromising your data and any sensitive corporate or personal information they can gain access to.

Following the direction provided by CISA will help to ensure that we remain cyber secure as we respond to COVID. Your CAP Cyber team wants to ensure that you have the most up-to-date information regarding cybersecurity and COVID-19. As we work to combat this threat and help our neighbors and our nation respond and recover, we also want to help you work together to keep the systems and networks required to support that response secure – and most importantly available – to support the life-saving work being done.


1] https://www.us-cert.gov/ncas/current-activity/2020/03/06/defending-against-covid-19-cyber-scams