Cybersecurity 202: Coronavirus sparked a global war between scammers and defenders – ABOUT MAG 2020

with Tonya Riley

The new coronavirus has created a fierce dispute between cybercriminals hitching a ride with the disease in search of scams and defenders trying to protect a population more dependent on the Internet than ever before.

The battle shows how the pandemic – which closed deals of all kinds – did nothing to moderate the hacker market. Computer users, concerned about their health and finances and migrating most of their activities online or using unknown systems to request government services, are often easy prey.

The number of strokes related to the coronavirus is alarming.

The Justice Department, working with private companies, stopped “hundreds” of sites that were exploiting the virus to commit fraud and other crimes., the Department announced yesterday. The malicious sites represented government agencies running aid programs, legitimate companies and even the American Red Cross.

The FBI’s Internet Crime Center has also received and analyzed over 3,600 coronavirus-related complaints – mainly about websites that sell fake vaccines and fake cures and claim to run fraudulent charity campaigns. Some of them are designed to steal people’s personal and banking information to hack into their accounts. Others deliver malicious software that can root computers that look for sensitive data.

The center is urging people to protect themselves against strangers who request personal or medical information.

Meanwhile, the UK’s National Cybersecurity Center knocked down over 2,000 coronavirus-related online scams in the last month, authorities say, including 471 fake online stores selling fraudulent items and more than 700 sites designed to steal people’s information or infect them with malicious software.

The worst is yet to come, when stimulus relief funds go out the door.

Department of Justice officials are preparing for another wave of digital fraud connected to the trillions of dollars in aid that the government is distributing to individuals, families and small businesses to manage through the pandemic, as my colleague Matt Zapotosky reports.

“The unfortunate fact is the only limitation here is to limit the creativity of these fraudsters to create ways to use the situation where we all meet to separate individuals, businesses and the government from big money, ”said Brian Benczkowski, assistant attorney general in charge of the criminal division, to Matt.

The department plans to deploy data analysis tools that it typically uses to detect healthcare fraud to identify when people may be claiming benefits they don’t deserve or present themselves as someone else, Benczkowski told Matt.

Scammers are already stealing people’s identities to request stimulus checks on their names, such as Nathaniel Popper of the New York Times reports. A woman he spoke to received $ 3,400 in benefits due to her, her husband and two children.
Without the check, she is only a month away from being unable to pay the rent, Krystle Phelps told Popper.

Department of Justice officials are also eager to share information with the Small Business Administration, so they can better identify possible fraud trends.

“We know from past history, whenever the government makes a large amount of money available to help individuals and businesses, fraudsters leave the wood and seek access to that money. So, we are preparing vigorously for what we absolutely know is coming, ”said Benczkowski.

But law enforcement faces a particular adversary.

Researchers at Palo Alto Networks identified more than 2,000 clearly malicious new virus-related web domains at the end of march – mainly aiming to deceive people without money or to load their computers with malware. The company found another 40,000 sites that were clearly not malicious, but were labeled “high risk”.

There has also been a 6,000% increase in virus-related phishing and spam emails since March 11 when the World Health Organization declared the outbreak a pandemic, according to a report this morning from IBM’s X-Force threat monitoring division.

And the Google Threat Analysis Group is detecting 18 million Gmail malware and phishing messages per day related to the virus according to a blog post group director Shane Huntley. This is in addition to more than 240 million daily spam messages on the subject. The vast majority of them – about 99.9% – are blocked by the webmail filtering system, Huntley wrote.

And ordinary citizens are not the only targets. The group also identified more than a dozen government-backed hacker groups using coronavirus-related emails to attempt to break into computers used by US government officials and international health organizations.

NOTE TO READERS: We launched a redesign of The Cybersecurity 202 this week, with the goal of making this cheat sheet cleaner, sharper and easier to read. Please let us know what you think here. Thank you for being a reader of Cybersecurity 202 and tell your friends to sign here.

The keys

House leaders struggle with remote voting.

House Speaker Nancy Pelosi (D-California) canceled plans to approve a rule change this week that would allow some lawmakers to vote at home during the pandemic by having a colleague in Washington vote for him, Heather Caygle, John Bresnahan and Sarah Ferris in the Political report. Rather than, Pelosi appointed a bipartisan commission to further revise the idea.

Pelosi reluctantly endorsed a proxy voting plan by House Rules Committee chairman Jim McGovern (D-Mass.), Which avoids the cybersecurity and legal concerns by members voting via webcast or other online systems. But she changed that position amid significant Republican opposition and after consulting the Republican Party leadership. Rep. Tom Cole (Okla), Republican on the Rules Committee, will serve on the committee along with House minority leader Kevin McCarthy (R-California) and Whip from most of the Jim Clyburn house (D-S.C.).

Cole told the Politician that he is opposed to remote voting and wants Congress to find a way to vote in person. “We could be operating within normal parameters,” he said. “Instead, we’re inventing ways to stay out of Washington for longer. ”

Here is the analysis by Daniel Schuman, director of policy at Demand Progress, who has been a leading advocate of remote voting:

Apple will correct a flaw that possibly left more than half a billion iPhones vulnerable to hackers.

The vulnerability affected the email application on iPhones and iPads and could have been used by hackers in 2018, ZecOps, the cybersecurity company that found the bug, Christopher Bing and Joseph Menn told Reuters.

There is evidence that the bug was used to hack at least one American technology company from the Fortune 500Said ZecOps. Other likely victims include companies from Japan, Germany, Saudi Arabia and Israel, said ZecOps, but declined to name any of them.

Apple acknowledged that it was developing a fix for the vulnerability, but declined to comment further.

Reuters was also unable to independently verify the survey, which suggests that hackers could attack without having physical access to iPhones or tablets. Other researchers say the report should raise concerns.

The survey “confirms what has always been a very poorly kept secret: that well-resourced opponents can remotely and silently infect iOS devices with full patches, Apple security expert and former NSA researcher Patrick Wardle told Reuters.

States are moving forward with postal voting plans amid the pandemic.

Some of the biggest efforts come from Republican-led states. That despite President Trump intense criticism the postal vote, which he claimed without evidence produces widespread voter fraud.

But states that expand voting by mail will face many obstacles.

Washington’s Secretary of State, Kim Wyman (R), described many of the challenges during an online Election Assistance Commission hearing yesterday. Here are the details of Edward Perez, from the OSET Institute:

The email vote also comes with its own concerns about coronavirus. Jason Kunz, Center for Disease Control and Prevention:

Hill events

Senator Markey is demanding strict guidelines for states that use contact tracking technology.

These guidelines should require private entities to limit data tracking to only coronavirus problems and to be held responsible for the misuse of any data collected, Senator Edward J. Markey (D-Mass.) said in a letter to Vice President Pence.

“O the federal government must provide leadership, coordination and guidance to ensure that contact tracking efforts are effective and do not violate people’s civil liberties, including the right to privacy, “wrote Markey.

Apple and Google promised to end their contact tracking programs after the pandemic ended. But Congress is skeptical and there are still many state and private efforts that lack federal oversight, points out Markey.

Industry report

Major technology platforms have announced new moves to protect elections and combat the pandemic.

Facebook will make it easier to see the source of election-related posts.

The social media platform will display the country of origin for some Facebook pages and Instagram accounts not based in the U.S. and targeted primarily to American users, the company announced on a blog yesterday. This could help to contain criticism from U.S. lawmakers that the company is not doing enough to contain foreign influence in the US elections. The pilot will eventually expand to other countries.

Twitter will remove coronavirus content that can lead to offline destruction of the 5G telecommunications infrastructure, TechCrunch reported yesterday.

The move follows online conspiracy theories that the next-generation system is linked to the virus and has led people to destroy cell towers in the UK. Such theories have also gained traction on Facebook and Instagram, but these services have yet to institute a similar ban.

More industry news:

Global cyberspace

A group of hackers linked to Vietnam, known as APT32, tried to hack the email accounts of the staff of the Ministry of Emergency Management of China and the city government of Wuhan, researchers from the cybersecurity company’s FireEye report. Wuhan is where the coronavirus pandemic originated.

It shows the lengths that governments are willing to take to obtain information about coronavirus. “These attacks say that the virus is an intelligence priority everyone is throwing everything they’ve got and APT32 is what Vietnam has “, Ben Read, senior analytics manager at FireEye, told Reuters. Vietnamese staff called the charges “Unfounded”.

More global news:

Cyber ​​insecurity

Now, extortion scams represent up to 20% of all spam.

Paydays receive an average of $ 3,000 a day for scammers who threaten to share intimate videos of their victims, Sophos report researchers. Often, videos do not exist, but hackers only have enough personal information to make them appear to exist.

Part of that money goes to more crimes.

“Given that some of the transfers were used to obtain stolen credit card data or other criminal services – probably including more botnet services for sending spam – payments from sextortion campaigns are funding yet another round of scams and fraud,” they write. The researchers.

Chat room

One thing you may have missed in the midst of coronavirus news: Controversial post-9/11 surveillance powers have expired for more than a month, with little sign of concern from the White House or Congress. Officials, including former President Barack Obama, once warned of dire consequences if the spying powers were to be inactive for a few days.

Dustin Volz of the Wall Street Journal:

Electronic Frontier Foundation:


  • McCrary Institute and Commission for Cyberspace Solarium (CSC) Will host live event discussing whether deterrence is possible in cyberspace Wednesday at 1 pm
  • The R Street Institute Will host a discussion on “EARN IT Law and its broader implications for cryptography and cybersecurity” Wednesday at 2 pm

Secure logoff

A lesson on what not to do in Zoom. Reporter Alain Tolhurst:

We are doing much better with the Zoom conferences here at The Cybersecurity 202 …

Who wore it better?

Paula Fonseca