Coronavirus and cybersecurity: where do we stand?
Since the beginning of March, we have been talking about coronavirus and its impact on cybersecurity.
But this is a good war because the hackers have decided not to give up. And the hacking companions continue. Phishing is at the forefront of the most widely used cybercrime practices. And this is normal, since in this context, phishing is facilitated by the massive sending of false messages relating to the pandemic.
This article will also interest you: The coronavirus: the lure of choice for hackers
Internet users, who are eager for news on the subject, do not hesitate in most cases to click on a particular link, proposing to follow in real time the evolution of the pandemic. Telework has also increased cybercrime activity. Working remotely and something that existed before the pandemic however, we are witnessing an explosion of this way of working. Security requirements are no longer really in place.
In such cases, cybercriminals "take advantage of lower security standards related to telework to try to recover confidential data. Maurice Midena, a journalist with Forbes France, noted. And recently an attack on Mongolian officials, which was discovered by the cybersecurity agency Checkpoint highlights the real problem of telework and the practice of cybercrime related to the pandemic. In this case, they had received a message in the form of correspondence from the Mongolian Ministry of Foreign Affairs. But behind this message was a group of Chinese hackers who were trying to mislead them. Their objective was to push its officials to give them access to the network, which would of course allow them to steal some rather important information, and this undercover from an official institution.
"Check Point researchers were able to trace back to the Chinese group thanks to the fingerprints left by hackers in the computer code of the malware hosted on their servers, which were available for a short period of time. Using the data collected, Check Point researchers were able to uncover the entire chain of infection, deducing that the Chinese hacker group had been active since 2016 and that it has a habit of targeting different public sector entities and telecommunications companies in Russia, Ukraine, Belarus and now Mongolia. Maurice Midena explains.
According to checkpoint, in a recently drafted report, registered website domains are 50% malicious. It has been detected since the beginning of January, with exactly 16,000 newly registered domains directly related to coronavirus. Two weeks ago, no 6000 internet was recorded related to coronaviruses.
This extension of cyber malice affects all terminals. Mobile phones, i.e. smartphones to be more precise, are not spared like computers. Nikolaos Chrysaidos , Director of Security and Mobile Intelligence at Avast noted: "We have identified more than 450 coronavirus-related applications. About 35 are considered malicious, and none of them are distributed through official app stores such as Google Play, but rather via SMS, URL or social engineering. ». All in all we have to deal with several types of malware. These can be either ransomware, bank Trojans or spyware.
Now access an unlimited number of passwords: