Hackers are scanning for vulnerable VPNs in order to launch attacks against remote workers

The number of cyber attacks attempting to exploit the coronavirus outbreak continues to rise as both cyber criminal groups and nation-state backed hacking operations attempt to take advantage of the COVID-19 pandemic for their own gain.

A joint advisory published by the UK’s National Cyber Security Centre (NCSC) and the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) warns over the continued threat posed by coronavirus-themed scams, phishing attacks, malware operations and ransomware campaigns against both individuals and organisations.

Cyber attackers and scammers have been using coronavirus to lure victims in since the early days of the outbreak – and they show no signs of slowing down.

“Malicious cyber actors are adjusting their tactics to exploit the COVID-19 pandemic, and the NCSC is working around the clock with its partners to respond,” said Paul Chichester, director of operations at the NCSC.

While the number of overall cyber attacks hasn’t gone up, the global pandemic means more and more cyber criminals are looking to exploit coronavirus as part of their attacks.

A common theme for coronavirus-based attacks involves phishing emails – or SMS messages – claiming to contain links to advice from medical organisations, or files claiming to contain information about new cases in the local area to the victim.

Often these malicious URLs are set up to harvest personal data from victims, such as email addresses and passwords or bank details, while some are designed to install malware on the victim’s computer.

However, one way people can stay safe from these campaigns is to visit trusted sources of information for updates, rather than relying on an unexpected email or a forwarded message.

“Our advice to the public and organisations is to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as UK government, Public Health England or NHS websites,” said Chichester.

The NCSC and DHS also issue a warning about how cyber criminals are trying to take advantage of the sudden rise in remote working to conduct attacks, noting that there’s been a rise in attackers scanning for vulnerabilities in remote working tools and software.

“Many organisations have rapidly deployed new networks, including VPNs and related IT infrastructure, to cater for the large shift towards home working. Malicious cyber actors are taking advantage of this mass move to home working by exploiting a variety of publicly known vulnerabilities in VPNs and other remote working tools and software,” the report said.

It’s entirely possible that hackers could gain access to sensitive corporate files by breaching someone’s home network or email account as attackers look to new means of conducting campaigns.

“As the COVID-19 outbreak continues to evolve, bad actors are using these difficult times to exploit and take advantage of the public and business. Our partnerships with the NCSC and industry have played a critical role in our ability to track these threats and respond,” said Bryan Ware, CISA assistant director for cybersecurity.

“We urge everyone to remain vigilant to these threats, be on the lookout for suspicious emails and look to trusted sources for information and updates regarding COVID-19. We are all in this together and collectively we can help defend against these threats,” he added.

To help protect against the rise in cyber attacks targeting people working from home, the NCSC has issued security advice for remote workers, as well as advice on how to deal with suspicious emails.