Cybersecurity officials in the U.K. National Cyber Security Centre (NCSC), the U.S. Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Agency (CISA) stated that cybercriminals and advanced persistent threat (APT) groups are targeting individuals and organizations with a variety of ransomware and malware attacks, thereby exploiting the COVID-19 outbreak for their personal gain. The security agencies have released a joint advisory describing the growing number of attackers and other malicious groups in the U.K. and the U.S.
The advisory also included a non-exhaustive list of indicators of compromise (IOCs) for cyberattacks detection and mitigation advice. It offers practical advice that individuals and organizations need to follow to mitigate the risk of being affected by cyberattacks. The IOCs provided within the accompanying .csv and .stix files of the advisory are based on analysis from CISA, NCSC, and other industry experts.
The NCSC and CISA stated that they’re working with law enforcement and industry experts to prevent COVID-19 related cyber activities. It’s said that the NCSC and the CISA have observed hackers scanning for vulnerabilities in remote working tools and exploited the increased use of video conferencing software.
Paul Chichester, Director of Operations at the NCSC, said, “Malicious cyber actors are adjusting their tactics to exploit the COVID-19 pandemic, and the NCSC is working round the clock with its partners to respond. Our advice to the public and organizations is to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as the U.K. Government, Public Health England or NHS websites.”
Bryan Ware, CISA Assistant Director for Cybersecurity, said, “As the COVID-19 outbreak continues to evolve, bad actors are using these difficult times to exploit and take advantage of the public and business. We urge everyone to remain vigilant to these threats, be on the lookout for suspicious emails and look to trusted sources for information and updates regarding COVID-19. We are all in this together and collectively we can help defend against these threats.”