An increasing number of malicious cyber actors are exploiting the current coronavirus disease 2019 (“COVID-19“) pandemic for their own purposes. In the UK, the National Cyber Security Centre (“NCSC“) has detected more UK government branded scams relating to COVID-19 than any other subject. Meanwhile, across the Atlantic, both the United States Department of Homeland Security (“DHS“) and the Cybersecurity and Infrastructure Security Agency (“CISA“) have noted a growing use of COVID-19 related themes by malicious cyber actors. This combined with the surge in home working has increased the use of potentially vulnerable services, such as Virtual Private Networks, amplifying the threat to individuals and organisations.
As a result of the above, the NCSC, DHS and CISA recently released a rare joint advisory detailing practical advice for individuals and organisations on how to deal with COVID-19 related malicious cyber activity.
The advisory provides an overview of how cyber criminals and advanced persistent threat groups are exploiting COVID-19. The advisory provides a non-exhaustive list of indicators of compromise within accompanying .csv and .stix files based on analysis from the CISA and NCSC. Finally, the advisory offers practical advice that individuals and organisations can follow to reduce the risk of being affected by malicious cyber actors.