COVID-19 chatter on dark web bodes Ill for cybersecurity
Cybersecurity professionals have long known that long before most cyberattacks are launched there’s a lot of chatter on the Dark Web about what’s coming next. Cybercriminals generally feel they can act with impunity, so they are fairly brazen about sharing tips and tricks with one another. Now that the COVID-19 pandemic is a global crisis, chatter about how to exploit it on the Dark Web is exploding. An report published this week by Sixgill, a provider of a cyber intelligence platform, finds offers on the Dark Web spanning involving everything from COVID-19 disinformation campaigns to the selling of counterfeit ventilators and N95 medical masks.
Undoubtedly, phishing attacks will be a part of that mix. A report published by Barracuda Networks finds there has already been a steady increase in the number of coronavirus COVID-19-related email attacks since January. Between March 1 and March 23, Barracuda Sentinel, a monitoring platform infused with artificial intelligence, detected 467,825 spear-phishing email attacks, with 9,116 of those detections were related to COVID-19.
That may seem like a small percentage of the total number of phishing attacks being launched. However, chatter on the Dark Web makes it plain this is just the tip of iceberg. Millions, perhaps even billions, of phishing attacks that purport to offer, for example, information about a potential cure to warnings of a breakout in a specific geographic region are in the offing.
What makes all that even more troubling is most employees are working from home using systems. They are likely to be accessing corporate and personal email systems using the same machine. Many of those employees will soon forget anything they may have learned about recognizing a phishing attack unless cybersecurity teams find a way to remind them.
In fact, the opportunity for cybercriminals to steal credentials has never been greater. Most cybercriminals are starting to realize the only thing standing between them and a potential treasure trove of data is a password that someone just typed on their home system. Even if they don’t capture the credential, the opportunity to use phishing attacks to implant malware on those home systems is beyond huge. Most cybersecurity teams, unfortunately, may not discover that fact until long after that malware has migrated from that home system to a corporate server and then on to the rest of the enterprise. It may be months before that malware is even activated.
In an ideal world, cybersecurity teams would proactively hunt for that malware starting now. The challenge they face is like everyone else they may be working from home. As such, they are subject to the same scheduling conflicts and assorted other distractions that everyone is struggling to manage. It’s easy for cybersecurity teams to miss something that on any other day they would immediately catch.
Put it altogether and it’s clear that while COVID-19 is a real-world virus that kills people it’s also a pandemic that will also spread to the digital world. Cybersecurity professionals should steel themselves to combat a wide range COVID-19 related cybersecurity attacks that will be around long after the virus itself is hopefully one day soon contained