Hackers are using COVID-19 to target people and their employers, say the UK's National Cyber Security Centre and the US' Cybersecurity and Infrastructure Security Agency.
Hackers are using the coronavirus pandemic to target internet users, according to a warning Wednesday from two cybersecurity agencies. The UK's National Cyber Security Centre and the US Cybersecurity and Infrastructure Security Agency put out a joint statement saying the pandemic is an attractive tool for cybercriminals and state-sponsored hackers, who can use the fears and anxieties caused by COVID-19 to trick people.
"An increasing number of malicious cyber actors are exploiting the current COVID-19 pandemic for their own objectives," the agencies said in a joint statement.
That's not to say that hackers are hacking more. Some cybersecurity companies have said they've seen an increase in overall hacking activity, but the two agencies, as well as Microsoft, said Wednesday that levels of hacking have stayed the same. What's changed is the way hackers are targeting internet users.
"They know many are clicking without looking because stress levels are high and they're taking advantage of that," Rob Lefferts, corporate vice president for Microsoft 365 Security, said in a blog post.
The advisory contains a list of more than 2,500 data points from coronavirus-related hacking threats. The information is meant to help people defending computer systems find signs of hackers trying to break into systems. The agencies said the list is "non-exhaustive," and noted that the pandemic is changing quickly, and so could the way hackers try to use it to their advantage.
Fraud experts have warned that for people at home now, hacking isn't the only thing to worry about. There are also scams that'll try to take people's money in exchange for information, cures or masks and other forms of protection that turn out to be bogus. Everyone is well served by taking a moment and remembering that criminals could be trying to take advantage of regular people during this disruptive world event.
The hacking threats come at a time when more people are working from home as part of stay-at-home orders meant to slow the spread of the virus. That means personal devices and systems linked to businesses both might be more vulnerable, the agencies said. In an advisory, the agencies provided resources on how individuals and companies can protect themselves from these attacks, including how to spot suspicious email attachments, phishing emails, scams and ransomware attacks.