The latest outbreak of the deadly strain of corona virus has infected thousands of people worldwide and spread to many countries. In light of the World Health Organization’s declaration of this outbreak as a global public health emergency, the disease’s rapid spreading is threatening to overwhelm the available medical remedies and personnel. Already, various nations including Japan and US are putting measures in place to manage the impact of the virus. Organizations are also starting to take a hit as the spread of the corona virus starts to cause disruption spanning the global economy.
With the risks realized from a potential worldwide pandemic outbreak, CYFIRMA’s Threat Intelligence team will like to recommend the organizations to start early planning for pandemic risk management and ensure their Business Continuity Plans (BCP) outline how they will prepare for a pandemic and continue to operate post the disaster.
As part of the planning, organizations need to:
While devising the BCP for events such as pandemic outbreaks, organizations need to include the following:
Expected threats in the wake of Corona Virus Spread
As reports about the latest corona virus outbreak flood the web, cybercriminals are expected to leverage these updates to deploy the widespread reports to mislead unsuspecting victims into opening bogus emails directed to them. These emails ultimately lead to phishing attempts through which the target’s information and passwords are extracted. In light of the increased chances of global health emergencies, there is a heightened chance of hackers leveraging the fears around the health emergency to their advantage and infect more people with malware.
CYFIRMA’s Threat Intelligence team will like to alert organizations about spam campaigns that could use the corona virus to bait users into clicking on malicious web links or attachments. This is what is primarily achieved via social engineering, wherein, especially in the case of a health emergency, cyber criminals could capitalize on the people’s fears of the deadly virus.
A popular instance of the same could be emails purporting to be from renowned health organizations such as WHO or National Health Commission, with a bogus attachment claiming to include corona virus safety tips or a bogus advisory about the status of corona virus in the country. As soon as the target user is misled into downloading the attachment, the file drops a malware onto the target’s system and circumvents the existing antivirus defenses.
It is ironical, and chilling, how a ‘real’ world virus can offer malicious actors the opportunities to exploit unsuspecting targets and create an equivalent negative impact spanning digital ecosystems.
In the wake of the outbreak, massive quantum of misinformation about the corona virus is doing the rounds, including bogus videos and websites citing incorrect (mostly exaggerated) number of people, and geographies, as impacted by the virus. False sources include, ironically, the Chinese state media and their government officials. Thus, aside from the graver issues, a less immediate danger includes the possibility of increased online hoaxes. Hackers can peddle bogus virus safety tips and cures as a cover story for advance fee scams, while their targets are more likely to fall prey to these advances in light of the global prevalence of this emerging outbreak story.
Multiple pandemic business continuity plans identify telecommuting as a major component of response to a virus outbreak. Telecommuting can contain the disease spread, while allowing organizations to continue to operate. However, remote access communications may be carried over untrusted networks. Some of the remote access threats are as follows:
And many more…
Threat actors are aggressively striving to piggyback on major events and virus/disease outbreaks to mislead potential victims and spread their malware for nefarious purposes. CYFIRMA’s proprietary AI and ML technology analyzes global threat indicators – including possible attack indicators wrapped around the spread of the deadly corona virus –and offers cyber threat visibility and intelligence aimed at keeping the organization’s cybersecurity posture up-to-date, resilient and ready against upcoming cyber-attacks.
In the wake of more corona virus pandemic, CYFIRMA’s Threat Intelligence team will like to advise users to carry out the following mitigative measures:
CYFIRMA Advisory and Research also covers essential best practices applicable to securing remote access. Organizations are advised to adhere to these guidelines:
CYFIRMA’s product and service offerings provide targeted insights that can help make an organization’s cyber posture management resilient and robust in handling disasters and pandemic situations like the one presented by the corona virus outbreak.