While most of the country is hunkered down at home practicing social distancing, cybercriminals are working overtime to take advantage of the pandemic. Examples of current scams include hackers impersonating health organizations and the CDC, coronavirus-themed phishing emails, and malicious domain registrations disguised as educational resources. Read our tips on what you can do to keep your business and your employees safe from enterprising fraudsters during this uncertain time.
Remote Workers Are A Sweet Spot
Malicious actors have wasted no time creating coronavirus scams, and employees who are being asked to work remotely are one of their prime targets. Cybercriminals are focusing on online services that are being used more than usual, like Zoom, and are impersonating IT department staff to ask employees to download a malicious program.
“There are nation-states that are actively taking advantage of the situation, particularly our Cold War adversaries, and we need to be keenly aware that they are aware of the lack of security that is presented by everyone telecommuting,” Tom Kellermann, who served on a presidential cybersecurity commission during the Obama administration, told The Hill.
Remote employees need to be more mindful of their online hygiene and should follow several best practices:
- Ensure that you have your company's best practices for working from home, including a list of what programs you should be using for calls, video conferencing, file sharing and whether you need a virtual private network (VPN) to log in to your network
- Be more cautious when clicking on suspicious links and emails, especially those related to the coronavirus
- Employees working at home should only use company-approved devices, such as laptops
- Whenever possible, employees should VPN into their business network, but if they must use home WiFi, they need to ensure it is password protected – public WiFi is not suggested
- Strengthen passwords with letters, numbers and symbols and enable multifactor authentication
High Profile Attacks
Cybercriminals are already targeting virus-related resources. A popular interactive COVID-19 tracking map maintained by Johns Hopkins University was recently attacked, with fraudsters selling malware claiming to compromise the map and infect users.
“If you receive an email containing a link to download such an item or come across the code for the malicious app please report it immediately to the Esri incident response team through ArcGIS Trust Center security concern page,” Johns Hopkins spokeswoman Jill Rosen said in a statement.
Threat actors have also started to use the World Health Organization’s name to send out emails with an attachment that will install the AgentTesla Keylogger. In one campaign, recipients of an email were told that a cure was being withheld, and to click on a link that will give the recipient information about the cure.
And to make matters even worse, the U.S. Health and Human Services Department was targeted in a cyberattack over the weekend, likely intended to slow the agency’s systems down. The event prompted the National Security Council (NSC) to tweet about the spread of disinformation on Sunday.
“Text message rumors of a national #quarantine are FAKE. There is no national lockdown,” NSC tweeted late Sunday night. “(The Centers for Disease Control and Prevention) has and will continue to post the latest guidance on #COVID19.”
University Hospital Brno, located in Czechia, was also a victim of a major cyberattack. Patients had to be treated at other hospitals, and all surgeries were put on hold. It is believed that the infrastructure may have been encrypted by ransomware that took advantage of the virus situation.
“Healthcare workers or administrative staff are low-hanging fruit for today’s opportunistic hackers,” said Jake Olcott, vice-president of government affairs at risk management firm BitSight. “As they seek answers to important questions in a time of crisis, these employees may be susceptible to a hoax email that appears to come from a trusted government body. This is hugely problematic for healthcare companies that are already struggling to reduce cyber security risk.”
A Proactive Data Security Approach
In addition to maintaining best IT practices in this uncertain time, companies need to consider their overall data security strategy so that if their systems are compromised, hackers get nothing of value.
Bluefin is a staunch advocate of a payment and data security approach that includes PCI-validated P2PE, tokenization and EMV. We were the first North American provider of a PCI-validated P2PE solution to secure POS payments and today, Bluefin has over 110 global partners providing their PCI P2PE solution in 32 countries. In October of 2019, we introduced our ShieldConex® data security platform for the protection of financial information, PII, and PHI entered online. ShieldConex utilizes Bluefin’s proprietary SAFE™ (Shielded Access Form Element) tokenization and iFrame solutions to receive sensitive data directly from the consumer via the company’s website or via an API connection. ShieldConex is also one of the only data security solutions that can support both FPT and FPE.
With P2PE and ShieldConex, Bluefin provides a complete omni-channel suite for payment and data security, addressing important privacy regulations, including GDPR, CCPA and HIPAA, as well as ensuring PCI compliance, reducing scope and providing cost benefits. Contact us to learn more.