COVID-19 Cybersecurity Update: Phishing, Ransomware, and Health Care Attacks

COVID-19, Cyber, Property & Casualty

We’re dedicated to bringing you the most updated information in these uncertain times. We’ve tapped Tetra Defense, M3’s trusted cyber incident response partner, to offer insights into the world of cybersecurity in the COVID-19 era.

Bad actors are using corporate messaging as a template for attacks

Media literacy has never been more important — especially during a global health crisis. It seems every organization is making a statement about COVID-19, and therefore creating a headline that threat actors can engineer their attacks around. Think twice before opening an email that you weren’t expecting, seems suspicious, or is from an organization that you do not normally interact with. Navigate directly to official websites instead of clicking a link through an email.

Ransomware operations promise to cease attacks on healthcare organizations – but they haven’t followed through

Major ransomware operations like “Doppelpaymer” and “Maze” have delivered statements that promise to take healthcare organizations out of their target pool. Despite these statements from some of the biggest cyber threat actors, they haven’t necessarily kept their word, and the risk still remains. Threat actors still deploy their attacks via phishing emails, and they’re still latching onto popular headlines to lure their victims.

On March 23rd, 2020, “Maze” published sensitive data from a COVID-19 research group in the UK. Threat actors are social engineers that rely on people’s fears, curiosities, and a collective benefit of the doubt. To avoid tomorrow’s COVID-19 themed attacks, be sure to rely on trusted sources and maintain a healthy amount of suspicion from emails that promise to offer urgent updates.

Phishing attempts play off COVID-19 fears

With the unfortunate prevalence of COVID-19, we’ve seen an equal, unfortunate prevalence of phishing attempts. On March 12, 2020, a maliciously altered Java Code compromised an otherwise accurate interactive map of worldwide COVID-19 cases, and stole personal passwords. On March 20, 2020, a phishing email on behalf of a World Health Organization (WHO) doctor offered “drug advice” to any accepting inbox, and led to malware that could harvest credentials of personal information.

Employers should be aware of their cyber liability coverage, have an incident response plan in place, and ensure their employees are educated on cybersecurity best practices. If you have questions on your coverage, or want to know more about best practices to prevent a breach, contact your M3 account executive.

Back to Insight Center