https://fortune.com/2020/03/18/hackers-coronavirus-c
ybersecurity/

How hackers are exploiting the coronavirus--and how to protect yourself

By
David Z. Morris

March 18, 2020 5:01 AM EST

The race is on to create a coronavirus antiviral drug and vaccine
Gilead's drug Remdesivir is already being tested on patients.

We all have new worries thanks to the current coronavirus pandemic, but
the old worries haven't gone away. Among them: malicious hackers, some
of whom are trying to use the outbreak to steal or ransom victims' data.

Several recent attacks have attempted to leverage the coronavirus by
getting people to click on links in messages about the illness,
according to a report by cybersecurity firm Nocturnus on Wednesday.
Hackers have also tried to use the influx of people working at home
because of the virus to their advantage.

Chief among the techniques are coronavirus-themed phishing campaigns
targeting countries hard-hit by the coronavirus, including China, Japan,
South Korea, and Italy. As with many other phishing efforts, the
hackers' goal is to get a user to click on an emailed link that
downloads malicious malware, which can be used to steal victims'
personal data or freeze their computers.


Nocturnus said the emails have tried to bait users into clicking with
subject lines such as "Coronavirus: Important information on
precautions" (in this case, in Italian). Other phishing emails spotted
by a second security firm, Nuspire, include messages about a coronavirus
vaccine (which doesn't exist yet), deals on medical equipment, and
investment opportunities related to the outbreak.

Coronavirus-themed ransomware, which can encrypt a computer's hard
drive, enabling hackers to demand payment to unlock it, has also been
used. One piece of malware spotted warns victims: "Just because you're
home doesn't mean you're safe," before demanding payment to unlock
files, according to Nocturnus.

Software appearing to provide information about the coronavirus, while
actually delivering malicious software, is another problem. "Coronavirus
map" software that appears to track the global pandemic, for example,
also hides the password-stealing malware AZORult, cybersecurity firm
Reason Security said. The Nocturnus report also identified a mobile app
that promises "Ways to Get Rid of Coronavirus," which, in fact, delivers
malware that steals banking information.

Nocturnus has also found suspicious domains claiming to distribute VPN,
or virtual private network, software. Many white-collar workers who are
now working from home may need such software. But attempting to download
it from an untrustworthy site could leave computer with--again--a
dangerous malware infection.

How to avoid malware

Broadly, avoiding most of these risks means following the same advice as
during more normal times. Don't click on links from unknown people. Only
download or install software from trusted sources. And verify that the
URL of any website that asks users to enter a password is accurate:
Hackers often set up URLs that are similar to real websites to harvest
passwords.

Remote-work vulnerabilities

The sudden increase in remote work that many companies have instituted
over the past week introduces a new set of cybersecurity risks to
organizations. The fundamental problem: Communication that is entirely
online makes it much easier for bad actors to use deception to gain
access to systems. This type of hack, generally known as social
engineering, relies on con artistry rather than code.

Hackers may "call into a department and pretend to be another
department" of an organization, says Marty Puranik, president and CEO of
cloud computing provider Atlantic.net. Chris Wysopal, cofounder and
chief technology officer of security firm Veracode, warns that hackers
may pretend to be employees having remote access problems thus tricking
IT staff into giving them access. Both scenarios suggest taking
additional care when verifying identities remotely.

Even more worrisome, Puranik says hackers "could impersonate Department
of Homeland Security [personnel] and call a police department, call a
hospital chain and say, we need access to your system so we can, for
example, enforce a curfew." DHS did not respond to inquiries from
Fortune about how companies can confirm the identities of government
agents remotely, but one simple solution would be for them to contact
DHS directly to investigate suspicious requests.

Hackers impersonating government agents may have goals well beyond
stealing bank account information, or even infiltrating corporate
systems. An attempted hack of the U.S. Health and Human Services agency
website on Sunday appears to have been aimed at slowing emergency
information systems and spreading false information through text messages.

Much is unclear about the attack, but some sources told Bloomberg that
it was likely state-backed. The incident suggests that the coronavirus
pandemic could become partly a replay of the 2016 U.S. election, with
governments angling to destabilize opponents by sowing fear and distrust.

At their most extreme, hacks could even interfere with systems vital in
the fight against the virus. A Czech hospital appears to have been hit
by a ransomware attack, in which hackers shut down its information
systems and asked for money to eliminate the problem, though there is no
evidence that attack was state-backed.

The fluid situation is likely to make serious cyberattacks of many sorts
easier, says Puranik. "Sometimes the rules go out the window when
there's a lot of volatility. Someone might let down their guard.

"It makes it easier for malicious actors to take advantage of the system."

[...]

do góry

W dniu 2020-03-21 o 22:10, u2 pisze:

Pozwolę sobie przypominać ze jesteś tym palantem od niechcianej
prasówki i kretynem który nie potrafi się zastosować do swojej rady
czyli do ustawienia filtra na oponenta.


Pozdrawiam

do góry