Coronavirus Threat Campaigns Wind Down on Weekends

Cyber-threats related to the widespread outbreak of COVID-19 chiefly strike during the working week, according to new research.

Daily threat reports studied by researchers at cybersecurity firm Bitdefender covering March and April 2020 indicate cyber-criminals ease off from launching attacks themed around the novel coronavirus on weekends.

"During the working week, there seem to be more reports, while during the weekend, especially during Saturdays, reports seem to go down," wrote researchers.

The team at Bitdefender has theorized that cyber-criminals are timing their attacks to avoid moments at which victims are most likely to be away from their computers.

Researchers wrote: "Perhaps this shows that people spend more time online during the week and choose to spend more time with the family during the weekend."

Analysis of coronavirus threat reports revealed a spike in attacks on March 18 and 19, when 14,350 and 10,516 threats were recorded, respectively.

Researchers also noted a correlation between where threats were hitting and the spread of the deadly virus.

"A heatmap revealing the global evolution of Coronavirus-themed reports during the entire month of March alone also reveals there’s an overlap between countries affected by the Coronavirus and those targeted by Coronavirus-themed malware," wrote researchers.

Countries that have reported the largest number of coronavirus-themed reports appear to be those hit hardest by the pandemic. In March the countries reporting the highest number of threats were the US, Italy, the UK, and Spain. In April, cyber-attackers were striking mostly at the US, South Africa, Italy, and Canada.

Researchers wrote: "Zooming in to look at individual reports during March and April for Europe, an interesting picture emerges. With Europe in full crisis and the pandemic ripping through countries like Italy and the United Kingdom, threat actors focused their campaigns on these geographies as users were more likely to fall prey to deceptive messages."

Similarly, in the US, attackers targeted areas with the highest numbers of confirmed cases of the virus in March and April.

"Based on Bitdefender telemetry during March and April regarding Coronavirus-themed threats, the top affected US states seem to have been California, Texas, Florida, New York, and Ohio," wrote researchers.

"This telemetry is based on the number of unique IP addresses that have reported such themed malware."

What’s Hot on Infosecurity Magazine?