Covid-19 Cyber Attacks: How Attackers are Exploiting the Crisis

Abey Koshy Itty
Published on
23 Apr 2020
6 min read
Cyber attacks

Cyber attackers were quick to take advantage of the coronavirus outbreak minting some serious profits through various organised cybercrimes. The shift of focus to the health crisis combined with an increase in online activity has fuelled the rise in cyber attacks.

There is a long list of cyber attacks and attempts that have happened over the past month and still happening targeted at individuals, businesses and global organisations.

Malicious attack attempts were up by 37% and social engineering campaigns posing as trusted organizations or individuals have been spreading widely. Business email compromise and extortion attacks lead the line of Covid-19 cyber attacks.

Malicious actors rely on basic social engineering methods and take advantage of human traits such as curiosity and concern to entice a person to carry out a specific action.

In two separate events, a vaccine test centre and a Paris hospital suffered an attack on March 14th and March 22nd respectively. Cyber criminals have also been specifically targeting hospitals and medical centres with ransomware attacks. Affected targets in the healthcare sector are more likely to pay the ransom since they cannot afford to be locked out of their systems.

However, attacks are not limited to the healthcare sector alone.

A large number of people in companies worldwide have been forced to work remotely on short notice and many for the first time. This means a majority of the workforce are inexperienced about the cyber security threats they face and the best practices for staying safe.

Employees accessing company networks from less secure home networks are creating a weak link in the security chain that can lead to potentially devastating damage. A vast majority of remote workers are making mistakes due to their lack of cyber security awareness. This makes a hacker’s job easier.

We are also not helped by the fact that hackers are spending more time home.

With the current distraction and a larger number of remote work happening, it doesn’t come as a surprise that they’re taking advantage of the situation.

We take a look at some of the Covid-19 cyber attacks that have occurred recently amidst the pandemic.

Coronavirus Emergency Aid Fund Redirected Through Phishing Campaign

An emergency aid fund set up by the government of the German province of North Rhine-Westphalia was redirected by a group of cyber criminals.

Hackers created multiple copies of the NRW Ministry of Economic Affair’s official website that had been set up to collect applications for the aid. They then sent the links through email campaigns.

Users who fell for the trap submitted applications for the Covid-19 aid on the fraudulent websites thus providing access to their data to the hackers. The hackers filed the applications on the original website by using all the precious data they had collected and successfully redirected the funds to their accounts.

This went on for about 3 weeks with the police receiving 576 official fraud reports and the estimated losses of the government to this scam calculated to be around €31 to €100 million.

What made the proceedings easier for the hackers is the fact that no scanned copies of IDs were asked for verification. This is one of the most inhumane Covid-19 cyber attacks where people in need fell prey to a well-executed phishing campaign.

Schools Adopting Online Learning Exposed to Cyber Attacks

Millions of homebound students are attending school through online edtech platforms and video conferencing apps.

Malicious actors have been hijacking video conference calls, especially on the Zoom application to deliver offensive content. Many countries have taken action to steer clear of Zoom because of the security risks that accompany it.

An over-reliance on digital platforms and the use of online platforms without much training leaves teachers and students at risk due to the existence of remote access protocols that could result in hacks.

Most of the institutions in the education sector have lagged in their cyber security risk management practices and this can lead to an increase in the threats they face.

With e-learning and virtual classrooms not containing much sensitive information the real value for attackers lie in exploiting the connection made between an organization and the provider.

Attackers can steal student data to phish individual users or leak the data online. To understand what the potential risk is, a series of incidents in late 2017 targeting multiple school district servers across the USA can give more clarity.

Bad actors exploited school IT systems to access sensitive information like student contact information, medical reports, counsellor reports and threatened students and school administrators in an attempt to get a payout.

Fake Covid-19 Vaccines on the Dark Web

There are always cyber criminals trying to exploit people in the unlikeliest of situations. If you thought things are any better on the dark web, you were wrong.

Cyber security researchers found links on the dark web where some hackers were trying to sell coronavirus vaccines. In fact, the links redirect users to phishing campaign sites. Independent websites have popped up on the dark web in languages targetting French and Italian users with the US not far behind.

Fake vaccines are not the only phishing campaigns used to lure people right now. There are scams offering home testing kits and medical gears in short supply as well.

Covid-19 Cyber Attack Attempt on WHO

Earlier in March, a group of cyber attackers targeted the World Health Organisation (WHO) in an unsuccessful attempt to mimic the WHO’s internal email system. Their primary aim was to steal passwords from multiple agency staff.

The use of WHO impersonations and compromise attempts have more than doubled during the coronavirus outbreak. Later on, the WHO published an alert warning people about hackers who are posing as the agency trying to steal money and sensitive information from the public.

With several communication methods available at the disposal of attackers, WHO reminds people to verify whether the communication is legit by contacting them directly instead of rushing into decisions and giving in to social engineering attacks.

Cyber criminals show no signs of slowing down or showing humanitarian concerns during these times and it is upon us to be aware of the threats that we face every day and be alert.

Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Abey Koshy Itty
Abey Koshy Itty
Marketing Manager
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.