© 2018 First Consulting, Inc.  All rights reserved.

COVID-19 is a major business and market disruption. As the coronavirus pandemic continues to sweep the globe, and cities and states impose social-distancing measures, businesses are sending their users home to work. This massive, unprecedented shift to distance working brings a whole new set of cyber-security challenges. The need to scale remote workforce solutions is a very real business problem, but haphazard platform adoption presents an equally serious security challenge.

A lack of IT resources can hurt many organizations as they move to enable remote strategies. When workers and students are sent outside the normal perimeter, managing device sprawl, and patching and securing hundreds of thousands of endpoints, becomes a much bigger challenge. Organizations are being forced to adapt to rapidly evolving security requirements.

First Consulting Inc. is combating this invisible enemy through vigilance, experience, determination and proactive security measures.

Our Certified Cyber Threat Intelligence Team have developed a COVID-19 Cyber Threat Security Assessment specifically created to ensure your company assets, infrastructure and workforce are secure from catastrophic outages and lock-downs.

Our Certified Cyber Threat Intelligence Team will provide the following services to ensure your infrastructure and workforce are safe from this threat.

  • Assess your infrastructure, remote workforce, environment, assets and locations.

  • Ensure Best Security Practices are being employed and followed by your IT Security team and remote workforce.

  • Threat scan and assess your internal and external systems for possible threats or security breaches that may be present or that can be exploited.

  • Audit the full scan findings for any exploits.

  • Provide a Cyber Threat Report of the findings, gaps and any threats or exploitations that were found.

  • Develop a Plan of Action & Milestones to correct and mitigate threats.

Contact:   aroberts@firstconsultinginc.com for more information.   

Stay safe everyone.

Recent COVID-19 Statistics and Highlighted Information

 

March 17, 2020 Digital Exploitation Highlights

  • FBI issues public alert for malicious websites and apps, deception involving #COVID19 cases

  • Alert comes one day after a cyber-attack on the US Department of Health and Human Services

  • Large internet companies issue joint statement aimed to curb misinformation on #COVID19, group includes Facebook, LinkedIn, Google, Microsoft, YouTube, and Twitter among others

  • Cybercriminals exploit #COVID19 uncertainty, launch new attacks with trojan and phishing techniques

 

   NIST’s External Threats platform identified 31 URLs that appear to be malicious. The platform discovered these           URLs by cross-indexing automated searches of the keywords “COVID-19” and “Coronavirus” with malware and             phishing detection tools.

   COVID-19 Email Spam Statistics

   NIST analyzed its spam box feed for the time period of 03/13/2020-03/16/2020. During this four-day period, NIST       analyzed 437,887 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 54,847           unique subject lines observed during the reporting period. The spam emails originated from 32,535 unique                 sending email addresses and 44,165 unique SMTP IP Addresses. Analysts identified 536 emails, which sent an             executable file for Windows machines.

March 18, 2020 Digital Exploitation Highlights

  • Attorney General Barr prioritized prosecuting cybercriminals exploiting COVID19.

  • NIST discovers top 25 phishing subject lines, COVID19 exploit tactics

  • NIST identifies top subjects when used with executable attachments

  • NIST pinpoints most common COVID19 SPAM origins, United States leads the list

 

   COVID-19 Email Spam Statistics

   NIST analyzed its spam box feed for the time period of 03/17/2020-03/18/2020. During this period, NIST analyzed     215,490 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 20,131 unique               subject lines observed during the reporting period. The spam emails originated from 15,198 unique sending               email domains and 22,425 unique SMTP IP Addresses. Analysts identified 1,232 emails that sent an executable file     for Windows machines.

March 19, 2020 Digital Exploitation Highlights

  • DDoS attack on the US Department of Health and Human Services (HHS) website on Sunday is now believed to be part of a coordinated campaign

  • Russian media have deployed a “significant disinformation campaign” against the West to worsen the impact of the coronavirus, generate panic and sow distrust

  • Hackers are exploiting the COVID-19 outbreak to spread their own infections

  • Thousands of COVID-19 scams and malware sites are being created on a daily basis. NIST saw more than 13.5K suspicious domains on 3/15; more than 35K domains the next day; and more than 17K domains the day after that

  • TrickBot and Emotet Trojans have started to add text from COVID-19 news stories to attempt to bypass security software using artificial intelligence and machine learning to detect malware

  • Cybercriminals continue to take advantage of the increased communication about COVID-19 by lacing mobile applications with a trojan

  • Some ransomware operators claim they will no longer target health and medical organizations

  • Federal Deposit Insurance Corporation (FDIC) issued a statement Wednesday warning about an increase in scams trying to sow distrust in the U.S. financial system

  • Federal Trade Commission (FTC) warned consumers on Wednesday about possible scams related to the US government plans to send money by check or direct deposit

  • Twitter updated its safety policy to prohibit tweets that “could place people at a higher risk of transmitting COVID-19.”

 

   COVID-19 Email Spam Statistics

   NIST analyzed its spam box feed for the time period of 03/18/2020-03/19/2020. During this period, NIST analyzed     268,382 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 20,271 unique               subject lines observed during the reporting period. The spam emails originated from 14,279 unique sending               email domains and 20,962 unique SMTP IP Addresses. Analysts identified 1,099 emails that sent an executable file     for Windows machines.

March 20, 2020 Digital Exploitation Highlights

  • FBI announced that with the “significant spike” in scams across the nation it anticipates criminals will zero in on three states with high rates of infections: WA, CA and NY.

  • Secretary of State Pompeo accused China, Russia, and Iran of carrying out disinformation campaigns related to COVID-19

  • Ongoing phishing campaign delivering emails written to appear as official messages from the Director-General of the World Health Organization (WHO). Emails actively spread HawkEye malware payloads onto the devices of unsuspecting victims.

  • US government is in active talks with FacebookGoogle and a wide array of tech companies and health experts about how it can use data gleaned from Americans’ phones to combat COVID-19, including tracking whether people are maintaining a safe distance from one another. Israel and China already use similar technology to combat the spread.

   COVID-19 Email Spam Statistics

   NIST analyzed its spam box feed for the time period of 03/19/2020-03/20/2020. During this period, NIST analyzed     202,558 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 20,387 unique               subject lines observed during the reporting period. The spam emails originated from 14,232 unique sending               email domains and 20,337 unique SMTP IP Addresses. Analysts identified 1,558 emails that sent an executable file     for Windows machines.

March 21, 2020 Digital Exploitation Highlights

  • Sentinel Labs researchers reported yesterday that they have seen a significant number of malware campaigns, spam campaigns, and scams related to COVID-19. They have identified scams where multiple dark web sites claim to sell COVID-19 supplies (masks, sanitization and cleaning supplies) directly for bitcoin. In reality, the scammer collects the money and does not deliver anything. Other bogus sites are claiming to sell non-existent vaccines and charging victims $5,000. They also observed criminals selling COVID-19 malware/phishing ‘kits’ for less than $1,000.

  • Interpol arrested 121 individuals during an international operation, dubbed Operation Pangea XIII, aimed to counter the illegal online sale of medical supplies and medicine; more than 90 nations took part in the operation. Authorities found over 2,000 online advertisements relating to COVID-19. Interpol said in a statement it seized more than 34,000 counterfeit, unauthorized, and substandard products, including masks and antiviral medications.

   COVID-19 Email Spam Statistics

   NIST analyzed its spam box feed for the time period of 03/20/2020-03/21/2020. During this period, NIST analyzed     193,133 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 39,760 unique               subject lines observed during the reporting period. The spam emails originated from 14,127 unique sending               email domains and 22,439 unique SMTP IP Addresses. Analysts identified 135 emails that sent an executable file       for Windows machines.

 

March 22, 2020 Digital Exploitation Highlights

  • Video chat company Zoom alerted customers to a security issue where outsiders have been hijacking group chats by taking advantage of a screen-sharing function to show lewd content. Zoom offered some ways to secure its video conference tool from “Zoombombing”: only allow the host to screen share, password protect your meetings, and lock the meeting once all participants have joined.

   COVID-19 Email Spam Statistics

   NIST analyzed its spam box feed for the time period of 03/21/2020-03/22/2020. During this period, NIST analyzed     160,648 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 27,560 unique               subject lines observed during the reporting period. The spam emails originated from 15,980 unique sending               email domains and 21,070 unique SMTP IP Addresses. Analysts identified 2 emails which sent an executable file         for Windows machines.

 

March 23, 2020 Digital Exploitation Highlights

  • The Department of Justice raised its first federal court action against online fraud relating to COVID-19. According to ThreatPost reporting, the website, “coronavirusmedicalkit.com,” offered to give away free vaccine kits that it claimed were manufactured by the World Health Organization. In reality, the cybercriminals first asked buyers to input their payment card information on the website in order to pay a shipping charge of $4.95. Then, they would steal that credit card and personal information.

    COVID-19 Email Spam Statistics

    NIST analyzed its spam box feed for the time period of 03/22/2020-03/23/2020. During this period, NIST analyzed      243,881 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 38,698 unique              subject lines observed during the reporting period. The spam emails originated from 40,849 unique sending              email domains and 22,567 unique SMTP IP Addresses. Analysts identified 237 emails which sent an executable          file for Windows machines.