Coronavirus-Related Cyberattacks Are Spiking Online

Red backlit keyboard

This was no breathless entreaty from a “Nigerian Prince”—it was more sophisticated than that.

Purportedly from the Federal Reserve, it declared its “Protection Program fully operational and ready to provide payments to financial institutions and citizens.” The email then included a link that users could click on for more information as well as a phone number (“for media inquiries”) and a list of “participating” banking institutions and their actual logos.

But what made the scam particularly enticing was that it was based on a true story. In response to the COVID-19 pandemic, Congress had approved an unprecedented $2 trillion in assistance to businesses and individuals, which was being distributed as rapidly as possible in the form of direct payments from the federal government.

“This was the first one we saw that was quite this elaborate,” said Dave Baggett, CEO and co-founder of the security firm INKY, in an interview with “The Hill” newspaper. “I bet you, actually, this site is better looking than the real one.”

Medical Facilities Hit

According to an IBM study, there has been a 6,000 percent increase in spam emails related to COVID-19 since early March, just days after the United States reported its first death from the virus. Some phishing emails look like they come from government agencies; others resemble the ubiquitous Zoom meeting notifications that many homebound workers are regularly receiving.

Also on the rise are ransomware attacks on medical facilities, according to the RISKIQ Intelligence brief. In a ransomware attack, hackers break into an organization’s network, disrupt or disable access to data, and demand payment in order to restore the system. While these attacks, which are often directed at smaller hospitals, have been on the rise for the past three years, the report said, “with the outbreak of COVID-19, it has suddenly gone into hyperdrive.”

“We have seen individuals trying to derail the government’s response to COVID-19, some of them taking down websites that are trying to communicate with the public about what to do to and what not to do,” said Frederic Lemieux, Faculty Director of Georgetown University’s Master's in Applied Intelligence and Master's in Cybersecurity Risk Management programs. “And some of them are really affecting the front line, for example, deploying ransomware in hospitals and healthcare centers, where they are able to freeze medical information that is plugged into the internet.”

Remote Work Increasing Security Risks

While requiring employees to work from home may have helped slow the spread of the coronavirus, in many instances it may be opening business computer networks to more security threats.

“With all these people working from home, sensitive information from their work may now be accessible because then don’t have the same level of security on their home internet than they would have in a work environment,” Lemieux said. “It’s very common that people do not update their phones or their computers all the time to the newest and highest levels of security.”

Lemieux said the full extent of security breaches may not be discovered until the worst of the virus has passed.

“Part of the return to normal—and probably a good practice—will be for companies to run an audit, to look back at what happened just to make sure that they are not overlooking something that might be a data breach,” Lemieux said. “Since they could not necessarily control their employees, they could not provide an environment that was as secured as their office. When things calm down, they can take a look at their systems, because they might have surprises.”

Learn more