Cybercrime levels have not increased since the start of COVID-19, and the volume of related attacks remains relatively low, according to new information from Microsoft and the US and UK governments.
The joint government alert came from the UK’s National Cyber Security Centre (NCSC) and the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA).
It explained what many in the industry already know: that bad actors are using the pandemic as a lure to spread malware and harvest details via phishing emails, and are scanning for vulnerable VPNs.
It also warned that hackers are spamming out SMS phishing attempts, and emails spoofed to appear as if sent from popular video conferencing platforms such as Zoom or Microsoft Teams, containing booby-trapped attachments.
Yet despite the headlines, overall threat levels haven’t increased; attackers are simply diverting more resources to capitalize on widespread user awareness of the current crisis and changing working patterns.
“Malicious cyber-actors are adjusting their tactics to exploit the COVID-19 pandemic, and the NCSC is working round the clock with its partners to respond,” said NCSC director of operations, Paul Chichester.
“Our advice to the public and organizations is to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as UK Government, Public Health England or NHS websites.”
It’s a message that was echoed by Microsoft in an update yesterday.
“Attackers don’t suddenly have more resources they’re diverting towards tricking users; instead they’re pivoting their existing infrastructure, like ransomware, phishing, and other malware delivery tools, to include COVID-19 keywords that get us to click,” explained Microsoft 365 Security CVP, Rob Lefferts.
“Our data shows that these COVID-19 themed threats are retreads of existing attacks that have been slightly altered to tie to this pandemic. This means we’re seeing a changing of lures, not a surge in attacks.”
In fact, of the millions of daily phishing emails Microsoft detects, only 60,000 have COVID-19-related malicious attachments or URLs, which is less than 2% of the total volume of threats the firm tracks each day.