The COVID-19 pandemic threatens both physical, online world as cybercriminals persist on exploiting it to trick users, and cybersecurity professionals are uniting globally to stop online crooks. — Photo courtesy of the company
HCM CITY — While cybercriminals will continue to use the Covid-19 pandemic for financial gain, cybersecurity professionals around the world are uniting to fight them, according to global cybersecurity company Kaspersky.
Speaking at a recent online webinar, Vitaly Kamluk, its director for Global Research and Analysis Team Asia Pacific, said the COVID-19 CTI League, a non-profit, voluntary focus group made up of more than 150 different individuals and organisations from across the globe, has sought to take down fake websites, detect coronavirus-related malware and offer incident response in case of an attack.
Kaspersky is part of this group.
He has personally developed Bitscout, an open-source and free tool for anyone interested in digital forensics and cyber investigations.
According to researchers, pandemics threaten both the physical and online world.
“Any big trend or any big event in the physical world will always have a reflection in the cyber domain,” Kamluk said.
At the webinar he also pointed out how COVID-19 has disturbed the normal IT eco-system of organisations.
The various quarantine measures resulted in more staff taking work computers to arguably unprotected home networks, widening the surface of attack for cybercriminals, and an increased number of employees accessing their companies’ assets and networks through their vulnerable personal devices, he said.
Now understandably companies have to cut budgets and choose cheaper cybersecurity solutions and have lost the ability to do incident response on location in case of a cyberattack.
Social engineering attacks have also become easier during the global chaos as more people fall for simple tricks, and cybercriminals are well aware of it.
Kaspersky researchers have detected a seven-year-old malware in Việt Nam and in some countries in APAC resurrected through automated behaviour and made relatable by just adding phrases related to the coronavirus situation.
“Using names and popular terms related to the current pandemic simply elevates the probability of these worms being opened by another user after it is copied to a network share or a USB drive,” Kamluk said.
The names of the detected malware include BC rut kinh Nghiem COVID.exe, Tuyen truyen dich COVID 19.exe, 2KH CXUNG KICH COVID.exe, and KE HOACH COVID GIAI DOAN 2.2020. chuan.exe, he said.
Kaspersky said business could protect themselves by deploying minimal dedicated secure gateways to all employees, making sure everyone runs an AV and EDR solutions and reports status to a central server, mandatory 2FA and biometric authentication, and running dedicated video-conferencing servers on company premises. — VNS