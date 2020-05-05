Infosecurity Group Websites
Latest
News

Dominic Raab Condemns #COVID19 Cyber-Attacks as NCSC and CISA Release APT Advisory

The UK Foreign Secretary, Dominic Raab, has said he has evidence that advanced persistent threat (APT) groups are exploiting the COVID-19 pandemic to attack national and international organizations that are responding to the crisis. During the UK government’s daily coronavirus press briefing today, Raab confirmed the government is working with those organizations facing targeted campaigns to ensure they are aware of the threat and can take steps to protect themselves from such attacks.

“We know that cyber-criminals and other malicious groups are targeting individuals, businesses and other organizations by deploying COVID-19-related scams and phishing emails. That includes groups in the cybersecurity world known as APT groups; sophisticated networks of hackers who try to breach computer systems,” said Raab.

The comments follow the joint advisory published earlier today by the UK’s National Cyber Security Centre (NCSC) and the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) about ongoing activity by APT groups against organizations involved in both national and international COVID-19 responses.

The advisory stated that healthcare bodies, pharmaceutical companies and research organizations have been subject to large-scale ‘password spraying’ campaigns, which cyber-criminals use to access a large number of accounts using commonly known passwords. It has advised staff working within these organizations to change passwords that could be reasonably guessed to ones created with three random words as well as bring in two-factor authentication to reduce the threat of compromises.

The report also suggested the involvement of hostile states in these attacks, explaining that these APT actors target such bodies to collect bulk personal information, intellectual property and intelligence that aligns with national priorities.

Paul Chichester, NCSC director of operations, commented: “Protecting the healthcare sector is the NCSC’s first and foremost priority at this time, and we’re working closely with the NHS to keep their systems safe. By prioritising any requests for support from health organizations and remaining in close contact with industries involved in the coronavirus response, we can inform them of any malicious activity and take the necessary steps to help them defend against it.

“However, we can’t do this alone, and we recommend healthcare policymakers and researchers take our actionable steps to defend themselves from password spraying campaigns.”

The advisory provides an update on malicious cyber-activity related to COVID-19 that was published on April 8 2020 by NCSC/CISA.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

National Emergency as Trump Bans Foreign Power Grid Kit

2
News

'Vaccines' Containing Blood of Recovered #COVID19 Patients for Sale on Dark Web

3
News

Fortinet Offers Free Cybersecurity Training

4
News

Only 59% of Cybersecurity Teams Are Effective Working from Home

5
News

Adult Streaming Site Leaks Data on Millions of Members

6
News

Tokopedia Breach: 91 Million Records for Sale on Dark Web

1
News

US Platform Enhances Remote Learning Cybersecurity

2
News

Virtual Graduation Ceremony Delayed by Cyber-attack

3
News

Dominic Raab Condemns #COVID19 Cyber-Attacks as NCSC and CISA Release APT Advisory

4
News

GoDaddy Suffers Data Breach

5
News

Report Reveals Fears Over Threats Posed by Wireless Devices

6
News

Brexit-Related Firm Wins Government Contracts Related to AI and Data Mining

1
Webinar

Safeguarding Your Digital Transformation with Detection and Response

2
Webinar

State of the CISO During a Turbulent Year

3
Webinar

Why Remediation Needs to be Part of Your Vulnerability Management Program

4
Webinar

Using SIEM to Protect Against Top Cybersecurity Threats

5
Webinar

How to Build a Program to Manage Your Third Parties and Supply Chain

6
Webinar

Protecting your Organization Against Phishing Attacks

1
Blog

Security by Sector: Over a Third of Consumers Don’t Trust Digital Comms from Banks

2
Interview

Interview: Mike McLellan, Senior Security Researcher, Secureworks

3
Blog

Data Security and Decommissioning in a 5G and Streaming World

4
Opinion

Preparing for Tomorrow: Cybersecurity in a Remote World

5
News

Cyber-Attacks on Hospitals Amid #COVID19 Akin to Acts of “Terror,” Claims Eugene Kaspersky

6
Next-Gen

Moving Online: How the Shift to Virtual Webinars Can be a Tool for Cybersecurity Inclusivity