Businesses Beware: Hackers Exploiting Coronavirus Scare
The coronavirus outbreak is now officially a pandemic and is causing much anxiety and fear all over the world. As if worrying about the actual virus weren’t enough, the outbreak has also spawned cybersecurity concerns as hackers capitalize on the phenomenon.
Recently, spammers are reported to be gaming the interest in “coronavirus” as a search term to lure people into clicking fake pharmacy sites. There are also reports of the emergence of fake coronavirus tracking sites that sneakily install malware on users’ computers.
Government imposed quarantines and lockdowns are also forcing people to stay at home and perform most of their business online. Companies are now relying more than ever on their digital channels to facilitate transactions with customers and suppliers. Many are also hastily setting up work-from-home capabilities to ensure business continuity.
“The coronavirus outbreak has forced people and companies to rely even more on digital channels to do business. Hackers, unfortunately, are trying to capitalize on this trend by exploiting vulnerable portals. It’s crucial for companies to secure these channels immediately.”, says Dr Oren Eytan, CEO of odix a malware disarm firm.
Capitalizing on fear
Worldwide interest in “coronavirus” as a search term has spiked. Google (News - Alert) Trends shows that interest over time is at its peak. As people genuinely want to learn more about the virus, security firm Imperva reveals that opportunistic spammers have found a way to exploit user anxiety and earn clicks in their bogus pharmacy sites. Bot operators, for instance, are spamming comment sections with the term “coronavirus” and URLs linking to fake online drug stores to make them rank higher in search engines and trick users to click the links and even purchase their products.
“Spam is, at best, a nuisance. At worst, it can be used to deliver phishing messages, infectious malware, and more. Pharma spam is particularly nefarious—not only in terms of the volume of spam involved, but for the risks posed to public health by counterfeit drugs,” Imperva security research manager Avishay Zawoznik writes.
More sophisticated spam campaigns are also hacking regular websites to make them seem like a helpful resource for the coronavirus. Injected with malicious code, the compromised websites will contain links to dubious online pharmacies.
Some hackers even design websites or embed sites with coronavirus trackers from legitimate health organizations to lure users and make them download malicious apps to install files containing AZORult malware on their devices. Once injected, the malware will execute and can steal personal and financial information and even cryptocurrencies.
Shifting to digital
The coronavirus outbreak has pushed governments to implement measures that will keep their citizens safe as the deadly virus continues to spread around the world. The public is constantly reminded to practice social distancing and businesses are encouraged to allow employees to work from home.
To cope with these changes, companies must quickly set up portals and digital channels for their various business processes involving document management, customer service, and even sales.
However, dealing with such an abrupt shift without much time to prepare can be a daunting challenge. Not all companies have the necessary technical expertise and financial resources to develop secure and fully functional digital channels. Many have to resort to using a collection of cloud-based applications and components to enable their remote work capabilities.
Unfortunately, hastily setting up digital channels this way can often leave out the necessary security-hardening tasks that are necessary to keep them safe from common attacks.
Protecting digital channels
To mitigate the risks, companies must adopt capable security solutions that can protect their digital portals against cyberattacks.
Most of these attacks involve some form of malware. To prevent malware from infecting their systems, they can use solutions like odix which uses content disarm and reconstruction (CDR) to effectively protect an infrastructure’s malware. CDR thoroughly scans the files and sanitizes them from any trace of malicious code. It then reconstructs the files and ensures that they are safe and ready to use. The sanitization process also ensures that new variants of malware that evade conventional signature-based antivirus and antimalware solutions are detected and disarmed. Even complex polymorphic malware which changes its code can be screened since CDR scans for traces of code at the binary level.
odix also enables companies to deploy CDR on their email and file servers to ensure that only sanitized files enter their networks. Companies can also integrate CDR to other enterprise applications using odix’s application programming interface (API). These measures can help readily contain and prevent the spread of malware since they can be disarmed as soon as they enter the network.
Companies can also set up network security solutions such as firewalls and implement strict access controls to block malicious traffic from entering their network. Imperva, for instance, offers a cloud-based web application firewall service that can block malicious traffic from accessing their web applications and gateways.
For e-commerce channels, it’s also crucial to implement secure payment systems and even fraud protection measures. Thieves and scammers actively target online stores and e-commerce websites for their activities. To help keep these channels safe, solutions like Kount are already using artificial intelligence to better detect and weed out potentially fraudulent transactions.
Keeping everyone safe
To follow the measures set by the government to keep their workforce safe, companies must adapt to new business conditions and turn to technology to continue their operations. However, they must also ensure that their portals won’t harm their infrastructure and their users. As such, it’s critical for them to set up digital channels that are equipped with the necessary security measures to keep opportunistic criminals from obtaining sensitive data and carrying out their scams.