The widespread transition to remote working has now given rise to a massive increase in lethal cyber-attack threats. Currently the total volume of coronavirus related security threats form the largest coalescing of cyber-attack threats that has even been evidenced.
This range of attacks include:
- Credential phishing
- Malicious attachments and links
- Business email compromise (BEC)
- Fake landing pages
- Malware and ransomware demands
Worldwide campaigns sending waves of emails, with volumes exceeding over 200,000 at any one time, are now targeting commercial and corporate business as well as smaller companies. These campaigns are using the global news centred on COVID-19 to underpin their operations. High on the hit list are critical healthcare providers, manufacturing and pharmaceutical industries. However, many other businesses providing a wide range of services are being affected.
One evidenced campaign originates from advanced persistent threat (APT) group TA505, who are currently using coronavirus loads in a downloader campaign. These are particularly dangerous threats because once delivered and installed, they can then download additional types of malware. Victims will consequently open themselves up for second-stage ransomware payloads. This group was behind the notorious Locky Ransonware Strain and the Dridex Banking Trojan and are believed to be one of the most advanced and significant financially motivated threats currently operating.
Therefore, in addition to using protecting virtual private networks (VPSs), remote workers must be meticulously vigilant and rigorously be on the constant look out for malicious emails and fake websites.
Local businessman Matt Naylor who owns Nationwide IT Company AC247 says “we have currently setup a support line to help people who have concerns about this.” You can call the support line on 01253 531347 and his company will give your business a free cyber-security assessment.