According to INTERPOL, cybercriminals are taking advantage of the COVID-19 pandemic, boosting cyberattacks at an alarming pace.
Learn more about their key findings, and what they are projecting will happen in the near future!
COVID-19 Pandemic : New Opportunities For Cyberattacks!
The COVID-19 pandemic has forced organisations and businesses to rapidly deploy remote work systems and networks to support staff working from home.
Cybercriminals are taking advantage of these new COVID-19 work-from-home normals, targeting staff of major corporations, governments and critical infrastructure to steal data and generate profits.
Online Scams + Phishing
Threat actors have revised their usual online scams and phishing schemes. By deploying COVID-19 themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content.
Around two-thirds of member countries which responded to the global cybercrime survey reported a significant use of COVID-19 themes for phishing and online fraud since the outbreak.
Ransomware + DDoS
Cybercriminals are increasingly using disruptive malware against critical infrastructure and healthcare institutions, due to the potential for high impact and financial benefit.
In the first two weeks of April 2020, there was a spike in ransomware attacks by multiple threat groups which had been relatively dormant for the past few months.
Law enforcement investigations show the majority of attackers estimated quite accurately the maximum amount of ransom they could demand from targeted organisations.
Data Harvesting Malware
Taking advantage of the increased demand for medical supplies and information on COVID-19, there has been a significant increase of cybercriminals registering domain names containing keywords, such as “coronavirus” or “COVID”. These fraudulent websites underpin a wide variety of malicious activities including C2 servers, malware deployment and phishing.
From February to March 2020, a 569 per cent growth in malicious registrations, including malware and phishing, and a 788 per cent growth in high-risk registrations were detected and reported to INTERPOL by a private sector partner.
An increasing amount of misinformation and fake news is spreading rapidly among the public. Unverified information, inadequately understood threats, and conspiracy theories have contributed to anxiety in communities and in some cases facilitated the execution of cyberattacks.
Nearly 30 per cent of countries which responded to the global cybercrime survey confirmed the circulation of false information related to COVID-19. Within a one-month period, one country reported 290 postings with the majority containing concealed malware. There are also reports of misinformation being linked to the illegal trade of fraudulent medical commodities.
Other cases of misinformation involved scams via mobile text-messages containing ‘too good to be true’ offers such as free food, special benefits, or large discounts in supermarkets.
INTERPOL : Projection Of Future COVID-19 Cyberattacks
Here are INTERPOL’s projections of future COVID-19 cyberattacks :
A further increase in cybercrime is highly likely in the near future. Vulnerabilities related to working from home and the potential for increased financial benefit will see cybercriminals continue to ramp up their activities and develop more advanced and sophisticated modi operandi.
Threat actors are likely to continue proliferating coronavirus-themed online scams and phishing campaigns to leverage public concern about the pandemic.
Business Email Compromise schemes will also likely surge due to the economic downturn and shift in the business landscape, generating new opportunities for criminal activities.
When a COVID-19 vaccination is available, it is highly probable that there will be another spike in phishing related to these medical products as well as network intrusion and cyberattacks to steal data.
Tatyana Shcherbakova tells us what she and her team discovered!
Warning : COVID-19 Email Scams Are Spreading!
As the COVID-19 coronavirus spreads, fake information is being created and distributed at a very high rate, confusing people all over the world.
Cybercriminals are taking advantage of the confusion, creating various email scams, with some realistic ones pretending to be from the WHO.
Tatyana Shcherbakova, a senior web content analyst, details how her team looked at the COVID-19 email scams, and came across the realistic ones from WHO…
WHO Is Warning You? These Are COVID-19 Email Scams!
At first, we found emails offering products such as masks, and then the topic became more commonly used in Nigerian spam emails. We also found scam emails with phishing links and malicious attachments.
One of the latest spam campaigns mimics the World Health Organization (WHO), showing how cybercriminals recognize and are capitalizing on the important role WHO has in providing trustworthy information about the coronavirus.
Users receive emails allegedly from WHO, which supposedly offer information about safety measures to be taken to avoid a COVID-19 infection.
Once a user clicks on the link embedded in the email, they are redirected to a phishing website and prompted to share personal information, which ends up in the hands of cybercriminals.
This scam looks more realistic than other examples we have seen lately, such as alleged donations from the World Bank or IMF for anyone who needs a loan.
In order to stay safe, we advise users to carefully study the content of the emails they receive and only trust reliable sources.
If you are promised a vaccine for the virus or some magic protective measures, or the content of the email is making you worried, it has most likely come from cybercriminals.
This is especially true if the sender suggests clicking on a link and sharing your personal data or opening an attachment.
You should not donate any real money or trust information with promises to help those affected by the virus, even if the email comes from someone who introduces themselves as an employee of a trusted organization.
Finally, double check the email address, as scammers often use free email services or addresses that have no relation to the organization mentioned.
Malware Masked As COVID-19 Coronavirus Documents!
They also found malicious files disguised as documents related to the COVID-19 coronavirus. The malicious files were masked under the guise of pdf, mp4 and docx files about the COVID-19 coronavirus.
The names of files imply that they contain video instructions on how to protect yourself from the virus, updates on the threat and even virus detection procedures, which is not actually the case.
In fact, these files contained a range of threats, from Trojans to worms, which are capable of destroying, blocking, modifying or copying data, as well as interfering with the operation of computers or computer networks.
Some malicious files are spread via email. For example, an Excel file distributed via email under the guise of a list of coronavirus victims allegedly sent from the World Health Organization (WHO) was in fact a Trojan-Downloader, which secretly downloads and installs another malicious file.
This second file was a Trojan-Spy designed to gather various data, including passwords, from the infected device and send it to the attacker.
COVID-19 Email Scams + Malware : How To Avoid
As governments and businesses are forced by the COVID-19 coronavirus to encourage their employees to work from home, it is critical that they employ these cybersecurity practices to reduce the risk of falling for phishing attacks or malware :
Provide a VPN for staff to connect securely to the corporate network
All corporate devices – including mobiles and laptops – should be protected with security software
The operating system and apps should be updated with the latest patches
Restrict the access rights of people connecting to the corporate network
Ensure that the staff are aware of the dangers of unsolicited messages
As part of Safer Internet Day (SID), Antony Cook from Microsoft shared the key cybersecurity trends in 2020, and how we can stay safe against those dangers.
Even if we are experienced techies, it is enlightening to find out what Microsoft believes are the cybersecurity threats that we should be looking out for in 2020.
Microsoft : Key Cybersecurity Trends In 2020!
Cybersecurity Trend #1 : Less Ransomware But More Attacks
Ransomware has declined in recent years, dropping more than 60% from its peak. But Microsoft sees a rise in other types of cyberattacks.
Attackers have learned that ransomware attracts too much attention from law enforcement, and organisations have gotten better at backing up their data.
So hackers are moving on to other activities like cryptocurrency malware and phishing, where they can more easily profit with less attention.
Cybersecurity Trend #2 : Mining Malware Will Be Big!
Attackers are often acting for financial benefit, so they will make big bets on cryptocurrency, especially in Bitcoin.
They will focus more on mining malware that lets them use your computer to mine cryptocurrency coins without being detected.
Coin mining software is easily available, and cybercriminals have put malware into many widely shared and widely used software packages. They are also trying to inject this malware through websites illegally streaming copyrighted content like the latest movies.
Cybersecurity Trend #3 : Embedded Threats
Attackers are now more sophisticated, targeting legitimate and trusted software supply points to deliver malware. There have been many examples of this attack vector :
a routine update for a tax accounting application,
popular freeware tools which have backdoors forcibly installed,
a server management software package,
an internet browser extension or site plugin,
malicious images which activate scripts when clicked.
In those cases, attackers were able to change the code of legitimate software that people trust and install without hesitation, allowing them to “hitch a ride”.
This attack vector is very dangerous and frustrating, because it takes advantage of the trust that consumers and IT departments already have for legitimate software.
Cybersecurity Trend #4 : Phishing Scams
Phishing continues to be one of the most effective ways to compromise systems, because it targets human decisions and judgment.
Microsoft noted that the percentage of inbound emails that were detected as phishing messages increased 250% throughout 2018, and they expect the final figures for 2019 to show the same trend.
Microsoft : How To Stay Safe In 2020!
Here is a summary of what Microsoft believes we should do to stay safe online against cybersecurity threats in 2020 :
Cybersecurity Tip #1 : Practice Good Security Hygiene
Keep your operating system and software updated.
Turn on email and browser protections.
Apply the cybersecurity configurations that your hardware and software vendors recommend.
Stay away from any unfamiliar software or websites.
Use only legitimate software, and not just your key applications.
Cybersecurity Tip #2 : Implement More Access Controls
System administrators should implement more access controls, using Zero Trust or least privilege models.
This will prevent hackers who successfully break into your network from accessing more than a segment.
Cybersecurity Tip #3 : 3-2-1 Backup!
Make sure you create and keep backups, and the cloud is a great tool for this.
Microsoft recommends adhering to the 3-2-1 rule – keep three backups of your data on two different storage types, with at least one backup offsite.
Cybersecurity Tip #4 : Keep Vigilant!
Even if we implement strong cybersecurity measures, we must remain vigilant, and keep an eye out for suspicious activity.
Not just system administrators, but users as well. If you see anything suspicious – report it to your IT department immediately.
It can be anything from a sudden slowdown in your computer’s performance, to strange web pages and images appearing.
Kaspersky Lab just issued a travel scam alert and advisory for this holiday season. Pay attention, so you will enjoy a great holiday!
Travel Scam Operations On The Rise!
Kaspersky Lab researchers uncovered several travel scam operations last month, seeking to trick holiday-goers looking for great bargains.
Fraudsters Are Phishing For Unwary Victims
There were more than 8,000 phishing attacks, disguised as offers from popular lodging platforms. In fact, 7,917 of those phishing attacks specifically targeted people looking for Airbnb rentals.
In one example, fraudsters created a phishing page that looks like an Airbnb page, and pretended to offer cheap city-centre rentals with high review scores. Once the victim confirmed and paid for the booking, both the fraudsters and the offer disappeared.
Spam Is Still Effective!
In just one day, the researchers detected 7 different fake email blasts that are very convincingly disguised as offers from popular booking platforms for airline tickets and accommodation.
Three of those spam emails actually offered FREE FLIGHTS in return for the completion of a short online survey, and sharing the link with other people. After answering just three questions, victims were asked to enter their phone numbers, which were then used to subscribe to paid mobile services.
Travel Scam Methods
Spam and phishing attacks were amongst the most effective attack vectors. They use social engineering to manipulate and exploit human behaviour.
These travel scam operations are often very sophisticated, using fake sites that are almost identical to the legitimate websites.
They, therefore, easily trick unwary victims into handing over their credit card details, or paying for a product or service that does not exist.
Mobile Booking Risk
More people are booking their flights and accommodations on a mobile device, which makes it harder to spot fake links. This makes mobile users particularly vulnerable to both spam and phishing attacks.
Kaspersky Travel Scam Advisory
To avoid these travel scams, Kaspersky Lab recommends taking these security measures :
If an offer seems too good to be true, it probably is. AVOID IT!
CHECK the link in the browser’s address bar before you key in sensitive information like your login and password.
If it is misspelled (e.g. airbnb.com.room.online), or does not match the page you are visiting (like this example below), or uses special symbols instead of letters, don’t key in any information. CLOSE THE PAGE!
An Expedia page with a Booking.com address??? Something’s NOT right…
Book your stay and tickets only with trusted providers.
Make sure you are on their actual websites by typing in their address in the browser’s address bar.
NEVER click on links that come from an unverified source, whether it’s in an email, an instant message or through social networks.
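The address-bar checks in this advisory can also be automated, for instance in a mail or web filter. The Python sketch below is an added example, not code from Kaspersky Lab; the allowlist, the function names and the finding labels are assumptions, and every sample URL other than airbnb.com.room.online is constructed.

```python
from urllib.parse import urlsplit

# Assumption: the brands this filter protects and the domain each really uses.
TRUSTED_DOMAINS = {
    "airbnb": "airbnb.com",
    "booking": "booking.com",
    "expedia": "expedia.com",
}


def host_of(url):
    """Return the lower-cased hostname the browser would actually contact."""
    try:
        parts = urlsplit(url)
        if not parts.netloc:  # bare "example.com/path" carries no scheme
            parts = urlsplit("//" + url)
        host = parts.hostname or ""
    except ValueError:  # malformed authority part
        return ""
    return host.rstrip(".").lower()


def owner_of(host):
    """Return the brand whose trusted domain contains this host, or None.

    The match is anchored at the right-hand end of the name, so
    "airbnb.com.room.online" does not count as part of airbnb.com.
    """
    for brand, domain in TRUSTED_DOMAINS.items():
        if host == domain or host.endswith("." + domain):
            return brand
    return None


def check_link(url, claimed_brand):
    """Return a list of findings for a link; an empty list means it passed.

    claimed_brand is the brand the page or email presents itself as.
    """
    host = host_of(url)
    if not host:
        return ["unparseable"]

    findings = []
    labels = host.split(".")
    # "Special symbols instead of letters": non-ASCII or punycode labels.
    if any(ord(ch) > 127 for ch in host) or any(
        label.startswith("xn--") for label in labels
    ):
        findings.append("non-ascii-host")

    owner = owner_of(host)
    if owner is None:
        # A brand name inside a host that the brand does not own.
        if any(brand in host for brand in TRUSTED_DOMAINS):
            findings.append("brand-in-untrusted-host")
        else:
            findings.append("unknown-host")
    elif owner != claimed_brand:
        # For example, a page styled as Expedia served from a Booking.com address.
        findings.append("brand-mismatch")
    return findings


if __name__ == "__main__":
    samples = [  # constructed, except the host quoted in the advisory
        ("https://www.airbnb.com/rooms/123", "airbnb"),
        ("http://airbnb.com.room.online/login", "airbnb"),
        ("https://www.booking.com/hotel/example", "expedia"),
        ("https://\u0430irbnb.com/", "airbnb"),  # first letter is Cyrillic
    ]
    for url, brand in samples:
        print(brand, url, check_link(url, brand) or "ok")
```

A real deployment would match against the Public Suffix List and a maintained brand inventory rather than this three-entry dictionary.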
On the eve of the 2019 Imagine Cup Asia competition in Sydney, we met with the top 12 Asian teams that will compete for a coveted spot in the 2019 Imagine Cup World Championship!
Let’s take a look at the twelve awesome Asian teams, and see the innovative ideas they will be pitching in the 2019 Imagine Cup Asia Regional Finals!
What Is The Imagine Cup?
Held and sponsored by Microsoft since 2003, the Imagine Cup is the world’s premier student technology competition. Teams of students from across the globe work together with mentors and industry leaders to bring their biggest and boldest ideas to life.
The 2019 Imagine Cup Asia Regional Finals
This year, Microsoft organised the 2019 Imagine Cup Asia Regional Finals in Sydney, Australia. Hundreds of teams from 17 Asian countries submitted their projects, but just twelve great teams won a shot to participate in the Asia Regional Finals.
These twelve teams will compete for US$20,000 in prizes on 12 February, but only one team will win the ultimate prize – an all-expenses paid trip to the World Finals in Seattle!
There, the 2019 Imagine Cup Asia Regional Champion will participate alongside the best and brightest teams from across the globe to claim the title of World Champion, US$100,000 cash prize, and the chance to take home the Imagine Cup!
The 2019 Imagine Cup Asia Regional Finalists
Country : China
Project : Rail Component Inspection Robot
Their Rail Component Inspection Robot (which combines AI and IoT) operates through automatic positioning, and identifies various defects through multi-sensor fusion in order to realise the replacement of workers in a rail inspection project.
Country : India
Project : Spot – AR Based Product Filtering
Spot allows you to recognise packaged foods and check if they contain a certain ingredient or exhibit a certain character.
If a tourist visits India, he is unaware of what he can eat because packets have information written in a foreign language.
Country : India
Project : Caeli – Breathe Freely
Caeli is a smart automated Anti-Pollution and Drug delivery mask specifically designed for Asthmatic and Chronic Respiratory Patients.
Caeli implements breakthrough features to improve the quality of life for respiratory patients living in polluted areas.
Country : India
Project : RVSAFE
Disasters often strike, when we are least prepared to face them. They leave behind a trail of destruction, adversely affecting human life, and property.
The loss caused by disasters can be significantly reduced with better communication and proper management. Keeping this in mind, we designed RVSAFE, a one-stop solution for effectively handling any kind of disasters (natural or man-made).
Country : Indonesia
Project : Sellution – Social Media
Sellution is a software as a service (SaaS) to help SMEs perform social media marketing in a way that is not just easy, but also effective and efficient.
Sellution’s main features are optimizing marketing content, helping find the right audience, and recommendations.
Country : Korea
Project : Fishing Phishing
Fishing Phishing by the Fhisherman team from Korea is a smartphone application that uses Machine Learning to analyse call voices in real-time.
It is designed to detect scam calls and warn the users!
Country : Malaysia
Project : Smart Urban Farming with Automated Environmental Controlled Systems (SUFECS)
SUFECS was developed to transform the farming experiences of urban farmers.
With SUFECS, farmers can monitor and control the artificial environment to achieve the most suitable environment for crops.
Country : New Zealand
Project : LookUP
It is estimated one in five people in the world are dyslexic. However, most QnA platforms are completely text-based.
LookUP is a medium in which the dyslexic and non-dyslexic communities can effectively collaborate and learn from one another.
Country : The Philippines
Project : Aqua Check – Water Contamination Mobile Application
Aqua Check utilises Microsoft Azure’s Custom Vision to empower anyone to analyse for contamination by taking a photo of a water sample through a microscope.
Using Azure Web and Azure Maps, we are able to map the contamination locations.
Country : Singapore
Project : Mobile Augmented Reality Navigation Application for Wheelchair Users
This project aims to develop a mobile application, InclusiveAR, to assist wheelchair users in travelling.
InclusiveAR will map out wheelchair-accessible routes and provide visual guidance to direct wheelchair users to their destinations using AR.
The Straw Hats
Country : Sri Lanka
Project : Mind Probe
Our project aims to help people with disabilities like ALS, DMD, etc. which impair their ability to communicate.
We tap into their brain waves and use that to predict the number they are thinking and use that information to interface with a smartphone.
Country : Thailand
Project : Maker Playground
Maker Playground is a next-generation IDE for IoT project development from developing device firmware, generating circuit diagram, programming your device, and designing an IoT dashboard all in one software.
See You @ The 2019 Imagine Cup Asia!
Congratulations to the 12 awesome teams!
Later today, they will present their projects at the 2019 Imagine Cup Asia Regional Finals… and by 5 PM, we will find out who the 2019 Imagine Cup Asia Regional Champion will be!
Kaspersky Lab is not letting their woes with the US Department of Homeland Security distract them from their core business of protecting consumers against cyberthreats. That was the message they conveyed when they presented the Kaspersky Lab protection options for Household 2.0.
The modern home has changed. In the new era of Household 2.0 which consists of 2.4 people and 0.3 pets, there is an average of 6.3 connected devices per house! Yet, the Kaspersky Cybersecurity Index found that 39% of people are leaving their devices unprotected from cyberthreats like hacking, malware, financial fraud and more.
To protect these connected devices that play such a prominent role in Household 2.0, Kaspersky Lab is introducing updated versions of Kaspersky Internet Security and Kaspersky Total Security.
Kaspersky Lab Protection For Household 2.0
The updated Kaspersky Internet Security and Kaspersky Total Security come with anti-phishing technology to prevent users from falling victim to fake or spam emails, fake websites and fraud.
In addition, the updated URL Advisor tells a user whether a link in the search engine leads to a trusted, suspicious, dangerous or phishing website, or a website that may cause their computer harm, via a special indicator close to each link.
Many people are also worried about ransomware and the loss of their digital memories. To give them peace of mind, the new Kaspersky Internet Security and Kaspersky Total Security have updated anti-ransomware features.
Protecting your mobile devices is the new App Lock feature for Android. You can now protect specific apps like instant messaging services, social media or email accounts with a secret code. You can also use the Kaspersky Secure Connection service to encrypt your network traffic whenever you use a public or insecure Wi-Fi network.
Children are also increasingly connected to the Internet. To protect them, parents can use Kaspersky Safe Kids parental controls in Kaspersky Total Security to set time limits, restrict applications and prevent access to pages with adult content, obscene language or information on drugs and weapons.
In conjunction with the announcement of the new Kaspersky Lab protection for Household 2.0, Techlane Resources, the Kaspersky Lab distributor in Malaysia, announced the Kaspersky Think Security Campaign.
You can now purchase Kaspersky Internet Security 3 Devices 1 Year at RM 179 / US$ 44 and get the following Kaspersky products absolutely FREE :
Kaspersky Internet Security 1 Device 1 Year,
Kaspersky Internet Security for Mac 1 Year, and
Kaspersky Internet Security for Android 1 Device 1 Year
You can also purchase Kaspersky Anti-virus 1 Device 1 Year at RM39.90 / ~US$ 9.70 and get the following Kaspersky products absolutely FREE :
Kaspersky Anti-Virus 1 Device 1 Year,
Kaspersky Internet Security for Mac 1 Year, and
Kaspersky Internet Security for Android 1 Device 1 Year
Hackers have plenty of impetus for targeting large enterprises, especially government agencies, financial institutions and health care organizations. Even large entertainment firms such as Sony Pictures, retailers like Target and telecommunications companies including TalkTalk have been exploited by cyber criminals.
That said, the highest valued companies are not the easiest targets, especially since there are relatively few of them compared to the amount of small and medium-sized businesses. Hackers on the prowl will follow any and all leads to a quick payday. Often, this means firing into the crowd, so to speak.
Cyber criminals will have better success going after a larger number of targets than trying to orchestrate advanced targeted attacks against one bigwig organization. Even as cyber criminals continue to become more ambitious, in all likelihood, cyber attackers will continue to go after smaller businesses in 2016. For this reason, it’s worth reviewing some of the biggest cyber threats currently facing SMBs.
Distributed denial of service attacks represent a huge cyber threat to any business, but especially to SMBs that can only afford limited bandwidth. As hinted at in the name, the purpose of a DDoS attack is to shut down a server, thereby blocking user access to specific Web services or applications. This is accomplished by flooding network infrastructure with meaningless traffic; the heavy distribution of requests results in a network crash.
There are countless motives for orchestrating a DDoS attack. For example, it may be executed in an attempt to shut down specific security services, so as to orchestrate a more serious, supplementary attack. However, more often than not, the goal is extortion. Hackers will flood a network, and will send ransom notes to the company stating that they won’t ease up until a certain amount of money has been paid to them. This is precisely what happened to ProtonMail in late 2015. Cyber attackers shut down the company’s central data center, and then requested a ransom of 15 Bitcoins, the rough equivalent of $6,000. In response to pressure from third parties, ProtonMail paid the ransom. However, the cyber criminals did not ease up.
The first main takeaway here is that DDoS attacks remain a significant threat to all organizations, but especially companies that offer Web-based services, and in particular, SMBs that might not have significant bandwidth. The second lesson from the incident is that any SMB that falls prey to an attack should not pay a ransom. Recovery will be time consuming, and will most likely impact revenue. However, paying cyber criminals a ransom only for them to continue the attack will result in even more lost money. When it comes to prevention, network vigilance is key. Any early signs of an impending DDoS attack may make it possible to mitigate the effects. Laying out a smart network infrastructure that can evenly distribute a barrage of traffic may also alleviate some of the strain.
Striking the point of sale
Point-of-sale malware is not a new cyber threat, but it’s one that has become especially prominent in the past few years. According to Trend Micro, SMBs were hit particularly hard in 2015, having accounted for 45 percent of all scenarios involving POS malware. Everything from restaurants to boutiques to small service providers are heavily targeted, mainly because cyber security is not quite as strong for these companies. Not to mention, smart, sneaky new strains of POS malware are always being created.
For example, Trend Micro researchers recently discovered a form of malware that seeks out POS systems in a network. Dubbed “Black Atlas,” the malware does not appear to target specific companies in any particular industry. However, SMBs are the most likely to be affected.
Other POS threats come in the form of skimmers. These are basically rigged payment processing units that are designed to collect card information, which is then sold on the Dark Web. Part of the reason this is such a big problem for SMBs is because smaller businesses are more likely to purchase less-expensive, poorly vetted card payment systems. Some of these are actually pre-configured with skimmers. In fact, Trend Micro noted that in China, cyber criminals can actually receive text messages every time a skimmer successfully plunders payment information.
In order to avoid being snagged by a POS malware scam, SMBs are encouraged to always purchase verified, well-known payment processing systems. This will significantly reduce the threat of skimmers. Defending against POS malware is slightly more complicated as strains continue to become more elaborate, and generally more difficult to detect. There have been several cases in the past few months of hotel chains having customer payment information stolen as a direct result of POS malware.
The good news, however, is that the use of EMV chip technology significantly reduces the chances of payment information being pilfered. Rather than using the same code for every transaction – as magnetic stripes do – these chips generate a single-use script for each purchase, so that even if hackers do manage to collect this information, it is essentially useless.
Therefore, SMBs are encouraged to make the shift to EMV card processing systems as soon as possible, especially considering that as of October 2015, liability for stolen payment data shifted to merchants. Any business that does not have EMV card reading technology, and is hacked, can therefore be held accountable for the ensuing damages. Many small businesses can hardly afford to become the victim of a POS malware ploy, let alone cover subsequent legal damages.
Phishing scams will always be a problem for companies of all sizes. As long as corporations continue to fall for these ploys, hackers will work tirelessly to bring down their targets, which include SMBs. Much like DDoS attacks, modern phishing scams often take the extortion angle. One of the most prominent, recent examples is the notorious CryptoLocker strain. There are various forms of encryption malware, and many of them start off as phishing scams.
Basically, an employee might receive an email with a request to download a certain PDF or XML. In theory, an aware user should be cognizant of the danger involved with downloading a shady file, but on a particularly busy day, a phishing email may trick even the most wary of workers. Upon opening the cleverly disguised executable, files on the network are locked down. What typically follows is a payment request in order to decrypt the files.
Other phishing ploys might target social media portals, so as to take control of an account. For an SMB that relies on its Web presence to drive traffic to brick-and-mortar locations – for example, a restaurant, bar or mechanic shop – a hacked company Facebook page isn’t exactly choice marketing. Regardless of the targeted medium, a phishing scam can cause serious productivity setbacks for SMBs.
When it comes to securing against phishing scams and cyber threats in general, employee vigilance is hugely important. Granted, even this won’t always be enough to prevent a business from becoming the victim of a cyber attack. For the real tricky threats, SMBs will have to rely on threat protection.