Covid-19 Makes the Internet More Dangerous | Total Security Software

 "Cybercriminals and fraudsters traditionally exploit topics that are most relevant to society," says Andrey Arsentiev, head of analytics and special projects at InfoWatch Group. According to him, the spread of coronavirus infection was no exception. Several attacks on medical institutions and other organizations involved in the fight against coronavirus infection were also recorded. network of clinics ", - says Andrey Arsentiev. Among the types of Internet fraud that cybercriminals most often resort to, he notes phishing activities. "Fraudsters tried to gain access to data, luring various payments and compensations,

Director of the Center for Monitoring and Responding to Cyber ​​Threats Solar JSOC "Rostelecom-Solar" Vladimir Dryukov informs that during the COVID-19 period, an increase in the number of attacks on RDP (Remote Desktop Protocol) was recorded. As the main reason, he cites the sharp increase in the number of servers published on the network used for providing remote access. According to him, in the first week of remote operation alone, the number of available servers in Russia increased by 15%, reaching 75 thousand, and in the whole world, the growth was more than 20%. At the same time, the risk of hacking such a server is high, and if successful, the hacker gains access to the entire infrastructure of the organization. "Also during this period, we record a significant increase in cyber fraud, scam attacks, and phishing,

“The COVID-19 pandemic is fully exploited by attackers in malicious campaigns using social engineering techniques, including spam, malware, ransomware, and malicious domains,” said Ilyas Kireev, lead promotion manager at CrossTech Solutions Group. He estimates that COVID-19 emails account for less than 2% of all spam in the world. The number of infections is growing and is already in the thousands, and malicious campaigns are also gaining momentum. Antivirus, total security software experts are constantly discovering new malware samples as part of virus campaigns associated with the pandemic. "Attackers are also attacking researchers developing a vaccine against COVID-19. Cybercriminals are trying to steal any important information, associated with the activities of scientists. To date, open sources have not yet recorded a single successful attack, "emphasizes Ilyas Kireev.

Ruslan Suleymanov, Director of the Information Technology Department of ESET Russia, notes that cyber criminals quickly adapted to the conditions dictated by the pandemic. A lot of new types of threats have appeared, both for ordinary users and for companies. According to him, fake online stores immediately spread on the Internet, offering masks, antiseptics, and even rapid tests for COVID-19. A large number of phishing emails have emerged on behalf of WHO and other reputable organizations. "Also, under the guise of files with classified documents and news applications, malware is distributed for stationary and mobile devices. For example, in Uzbekistan, users have become victims of Android Trojan-Spy, a dangerous Trojan disguised as an Android application with statistics on coronavirus. pictures, that employees went to work remotely and it became more difficult to control information flows. Home devices are connected to the corporate network, so there is an increased risk of intrusion by unauthorized persons or malware. that employees went to work remotely and it became more difficult to control information flows. Home devices are connected to the corporate network, so there is an increased risk of intrusion by unauthorized persons or malware.

“Currently, there is a continuing trend towards an increase in the number of attacks such as denial of service (DDoS) attacks, and targeted, multi-vector attacks that target specific users or user segments. with the help of which espionage software is deployed. Then cyber criminals collect data about the company and implement a targeted attack on the computer systems of top managers of the company. After that they encrypt sensitive data on disks, steal money from the company's accounts. Ultimately, the cyber attack develops into an extortion of money for a key. for decryption, "Ruslan Suleimanov reports. He believes that it is difficult to accurately assess the damage from cybercrime against the background of the coronavirus, since much remains behind the scenes, however, in his opinion,

Alexei Novikov, director of the Positive Technologies security expert center (PT Expert Security Center), calls the mailing list on behalf of a doctor who allegedly shared confidential information about a conspiracy theory with the victim as the most non-standard fraudulent communication with potential victims. The letter said that the virus was created to reduce the number of people and make it easier for the world government to have total control. Then it was said that fortunately for the reader, a secret team of scientists had already developed a vaccine and was ready to deliver it directly to his house. The recipient of the malicious letter was asked to follow the link and enter their data: name, address, phone number, which were then received by the attackers.

“Cybercriminals have adapted old methods to new circumstances,” commented Alexey Fedorov, head of Avast's representative office in Russia and the CIS. He calls this type of phishing social engineering. "Social engineering is aimed at influencing the user, deceiving him. For this, scammers use topics that are most often talked about. Now, this is everything related to the coronavirus. What did we personally observe? The emergence of fake stores with medical goods, masks, tests, a cure for COVID-19. Fake applications appeared where it was possible to find out the most relevant information about the spread and treatment of the virus. Criminals sent letters in e-mail, SMS, instant messengers. In SMS, by the way, they sent information about fines for allegedly violating the regime's self-isolation.

"Since the beginning of the pandemic, cybercriminals have been actively using fairly standard schemes. In March, the number of users attacked by malware increased by 6% and the number of attacks by 35%, compared to the previous month. The number of ransomware attacks also increased compared to February, by 5%. The current news agenda is actively used by cybercriminals for phishing, as well as during targeted attacks. For example, in April, two-thirds of sites about coronavirus were potentially fraudulent. ...

Mikhail Smirnov, director of the InfoWatch Group of Companies' expert and analytical center, speaks of the rise in crime. "The reason is the increase in the number of electronic communications and the critical information processed in them," he notes. In addition, he recalls that the isolation associated with the pandemic has not yet ended, so the real scale of the damage can only be assessed closer to autumn.

“We do not record a decrease in cases of fraud,” says Aleksey Novikov. He says attacks that exploit the coronavirus theme still remain. "At least 10% of all attacks are somehow related to the coronavirus. These include both attacks that exploit the topic of the coronavirus in phishing emails and attacks on hospitals that are testing or treating coronavirus. Attackers are actively using email for the spread of phishing links and malware in attachments, "he warns.

Ruslan Suleimanov gives a more optimistic assessment. He notes that to date, public unrest has subsided, the situation has stabilized. "However, it is too early to talk about reducing cybercrime. Vigilance and caution should be maintained," the expert said.