Roundup: COVID-19 pandemic delivers extraordinary array of cybersecurity challenges

As the COVID-19 outbreak threatens to overload the healthcare system and the global economy, it's also having a powerful impact on the security of businesses and individuals.
Written by David Grober, Contributor

All the latest news on the intersection of cybersecurity and the COVID-19 pandemic.

Cybersecurity: One in three attacks are coronavirus-related

NCSC annual review says agency is putting more effort into protecting healthcare.

COVID cybercrime: Ten disturbing statistics to keep you awake tonight

Nine out of 10 coronavirus domains are scams. Half a million Zoom accounts are for sale on the Dark Web. Brute-force attacks are up 400 percent. And there's more. So much more.

Cisco, ServiceNow announce integration for workplace contact tracing

The companies said they will integrate Cisco's indoor location services platform, DNA Spaces, with ServiceNow's contact tracing and workplace safety application.

Brute-force cyberattacks on the rise in Brazil

The widespread adoption of remote working is the main driver behind the increase, according to a new report.

Working from home causes surge in security breaches, staff 'oblivious' to best practices

The coronavirus pandemic is thought to be at the heart of a rise in security incidents this year.

Fake news on Covid-19 government initatives boost phishing

About one in eight Internet users have accessed a website with malicious content during the first months of the pandemic, research suggests.

NHS hit with wave of scam emails at height of COVID-19 pandemic

NHS Digital said its cybersecurity teams were working hard to keep patient data secure as attackers continued to target under-pressure services.

How coronavirus has exposed Middle East's gaping digital divide

The problems facing the region's tech have-nots were bad enough before the pandemic struck.

Facebook pulls video from Trump's page labelling it as COVID-19 misinformation

Social media giant says Trump's claims about children being immune to coronavirus violated its policies around harmful misinformation.

Coronavirus, remote working, and ransomware: The key cybersecurity challenges your organization is facing

ZDNet Security Update: Danny Palmer talks to George Kurtz, co-founder and CEO of Crowdstrike, about how cybersecurity has had to adapt to unique circumstances in 2020 -- and what it means going forward.

SonicWall report: COVID-19 has created 'boon' for criminals

Hackers have adapted their strategies to take advantage of the pandemic and vulnerable work-from-home IT connections.

DOJ indicts two Chinese hackers for attempted IP theft of COVID-19 research

The DOJ suggests in the indictment that the hackers were working for both themselves and for the benefit the Chinese government's Ministry of State Security.

Cybersecurity basics more important than ever in the new normal of remote work says Salesforce Chief Trust Officer

Jim Alkove, Chief Trust Officer at Salesforce, talks security in the new normal of remote work, cybersecurity best practices, and how security jobs can be a way to increase diversity in IT.

Russian hackers are targeting coronavirus scientists with phishing and malware attacks

Advisory from the UK's National Cyber Security Centre warns of an active spear-phishing campaign by APT 29 - a hacking group associated with Russian intelligence services - in an effort to steal research data.

Remote working: This free tool tests how good your security really is

The NCSC's Exercise in a Box toolset has been updated to help organisations keep their employees safe while working from home.

Ransomware attacks jump as crooks target remote working

Ransomware attacks are getting bigger and bolder - at a time where many organisations don't have the resources to fight them off.

COVID-19 fuels cyber attacks, exposes gaps in business recovery

Some 91% of businesses reported an increase in cyber attacks with employees working from home, including 93% in Singapore, where 89% and 86% also noted gaps in their business recovery planning and IT operations, respectively, as a result of the global pandemic.

New ransomware masquerades as COVID-19 contact-tracing app on your Android device

The malware surfaced just days after health officials in Canada announced the launch of a tracing app in the fight against COVID-19.

Working from home on your own PC? Security is still a confusing mess for many

Staff lack the tools and support to maintain security when using their own PCs at home, especially if they are new to remote working.

There's been a huge spike in online shopping. Now scammers are cashing in, too

Lockdown closed shops and people turned to the internet to buy things - and many found that if an offer is too good to be true, it probably is.

North Korean state hackers reportedly planning COVID-19 phishing campaign targeting 5M across six nations

Singapore, Japan, and the US are amongst six nations targeted in a COVID-19 themed phishing campaign that is reportedly scheduled for June 21, during which 8,000 businesses in Singapore may receive email messages from a spoofed Ministry of Manpower account.

DTA fixed COVIDSafe Bluetooth vulnerability 21 days after it was notified

Researchers detail Android vulnerability in COVIDSafe that allowed the Bluetooth connection of any untrusted device that happened to be in range.

Microsoft: COVID-19 malware attacks were barely a blip in total malware volume

COVID-19-themed malware attacks began in February, peaked in March, and are slowly dying out.

South Korea to use QR codes for entering 'high-risk areas' to contain COVID-19

The QR codes will be available on Naver's smartphone app.

Singapore looks to ease privacy fears with 'no internet' wearable device

Slated to be ready for rollout later this month, wearable devices the country is developing for COVID-19 contact tracing will not have GPS, internet, or cellular connectivity, so data can only be extracted when the device is physically handed over to the Healthy Ministry.

When it comes to saving lives, cybersecurity pros emerge as influencers

As individuals debated whether or not to download contact-tracing apps in the fight against COVID-19, more and more have been engaging with and listening carefully to security and privacy professionals. Cybersecurity pros are now very clearly influencers, helping society in its quest to save lives.

Australia has a new biometric border processing system

Unisys and Idemia to provide the Department of Home Affairs with a solution to conduct biometric matching on people entering Australia.

CrowdStrike posts solid Q1 as customers seek to protect remote workers

The cybersecurity firm achieved non-GAAP operating profitability for the first time and beat Wall Street expectations.

More than half of Twitter's 'Reopen America' calls from bots, study finds

Fear is a familiar political weapon, and it appears to be just as effective as it's always been.

Contact-tracing app: How much difference will it really make?

After a much-hyped debut, the excitement around the UK's coronavirus contact-tracing app has dipped. What happened?

Cyberattacks against hospitals must stop, says Red Cross

International rules needed to clamp down on hackers who are targeting healthcare – and risking lives during the COVID-19 pandemic.

As lockdowns ease, a new surveillance reality awaits

Expect a surge in development of surveillance and crowd monitoring technologies post-pandemic

Face masks prompt London police to consider pause in rollout of facial recognition cameras

The controversial scheme may be halted due to the widespread adoption of face coverings.

Hackers preparing to launch ransomware attacks against hospitals arrested in Romania

Hackers were planning to use COVID-19-themed emails to infect Romanian hospitals with ransomware and disrupt operations.

Security warning: State-backed hackers are trying to steal coronavirus research

Joint warning from UK National Cyber Security Centre and US Department of Homeland Security warns cyber attackers are actively targeting healthcare with a variety of hacking tricks.

The UK's coronavirus tracing app: everything you need to know

The UK government hopes the app will provide some of the necessary data for accurately tracking COVID-19.

Hackers are targeting UK universities to steal coronavirus research, NCSC warns

State-sponsored hackers from Russia, Iran, and China are suspected.

India orders mandatory use of COVID-19 contact tracing app for all workers

The heads of organisations will be responsible for ensuring that employees install the app.

Australia's COVIDSafe contact tracing story is full of holes and we should worry

The government's c

Kaspersky: RDP brute-force attacks have gone up since start of COVID-19

RDP brute-force attack numbers rose in mid-March as quarantines were being imposed over the globe. Coronavirus strategy bets heavily on an unproven COVID-19 tracing app, but the lack of a working back end and ham-fisted messaging risks the loss of the public's trust.

Cybersecurity, Internet infrastructure companies hold up relatively well amid COVID-19 pandemic

FireEye, Akamai and Juniper Networks delivered earnings reports that were far from perfect, but show demand amid an economic slowdown.

Contact-tracing app could be ready in two to three weeks

Health service says technology to be ready for deployment in two to three weeks. The next challenge will be getting people to use it.

Security experts warn: Don't let contact-tracing app lead to surveillance

Joint letter by over 170 of the UK's top researchers and scientists voices privacy and security concerns over 'mission creep' on government plans for using smartphones to trace and combat coronavirus.

Germany pivots from centralized coronavirus tracing app to privacy-protecting alternative

The move will likely be applauded by privacy and civil rights groups.

Contact tracing apps unsafe if Bluetooth vulnerabilities not fixed

With governments increasingly looking to use contact tracing apps to help contain COVID-19, such initiatives are likely to spark renewed interest in Bluetooth attacks which means there is a need for assurance that these apps are regularly tested and vulnerabilities patched.

The coronavirus crisis puts telcos back on the map as strategic providers

The coronavirus crisis offers telcos an opportunity to reposition themselves. Over the medium and longer term, the stronger telcos will benefit from the crisis.

Security alert: 'Dramatic' increase in cyber attacks says WHO, after passwords leaked online

Five times as many attacks against the World Health Organisation as hackers look to exploit the coronavirus outbreak.

SBA reveals potential data breach impacting 8,000 emergency business loan applicants

A US Senator says that the White House has "got to get it together."

Google: US government targeted with 'free fast food' coronavirus phishing

Government-backed attackers targeted US government and healthcare workers, says Google's Threat Analysis Group.

Scammers are now taking advantage of US small business relief fund in phishing emails

New campaigns are capitalizing not just on coronavirus fears but also on the outbreak's financial ramifications.

France asks Apple to relax iPhone security for coronavirus tracking app development

A technical issue is stymying the development of a government app for tracing COVID-19.

2,000 coronavirus scammers taken offline in major phishing crackdown

And now cybersecurity authorities want your help with spotting fake and fraud emails.

Google rolls out BeyondCorp Remote Access for browser-based apps

Google is rolling out the product now as organizations figure out how to accommodate remote workforces through the Covid-19 pandemic.

Trickbot malware is using these unique 'macro-laced' document attachments with a coronavirus theme

Microsoft Security Intelligence warns that there's been a large uptick in Covid-19 themed lures in phishing attacks by this one malware operation in recent days.

Students, university clash over forced installation of remote exam monitoring software on home PCs

The use of remote spying software to prevent cheating has raised an outcry from students.

Proposed government coronavirus tracking app falls at the first hurdle due to data breach

The source code of a proposed app for tracing COVID-19 exposed user data after being published online.

FBI says cybercrime reports quadrupled during COVID-19 pandemic

FBI official says foreign hackers targeted COVID-19 research centers.

German government might have lost tens of millions of euros in COVID-19 phishing attack

German state of North Rhine-Westphalia failed to put in place a citizen verification procedure and allowed fraudsters to steal millions of euros.

Coronavirus scams: This is how much people have lost to online fraudsters so far

Action Fraud details the latest figures - and warns people to be mindful of fraudsters and scammers.

PoetRAT Trojan targets energy sector using coronavirus lures

Wind turbine operators are the focus of a new data-stealing campaign.

Facebook will now warn you if you've interacted with fake, dangerous coronavirus posts

The fight against COVID-19 scams, misinformation, and fake cures continues.

Google to Gmail users: Coronavirus phishing is targeting you. This is how we hit back

But pandemic means you now can't enroll in Google's Gmail anti-phishing program using a smartphone's security key.

Cisco wanted to delay patch for critical flaw in phone used by doctors
Even coordinated disclosure of security vulnerabilities has been affected by the COVID-19 pandemic.

Hospitals must secure vital backend networks before it's too late

A conversation about the challenges and vulnerabilities facing some of the world's most critical network infrastructure.

Microsoft opens AccountGuard to healthcare providers on the COVID-19 front lines

Microsoft says the service will remain free for all healthcare organizations "until the COVID-19 pandemic subsides."

Coronavirus contact tracing apps: What are the privacy concerns?

Special smartphone apps could help to reduce the spread of COVID-19, but such moves could also have profound implications for individual privacy in the long term.

Brazilian president shelves plans for surveillance in fight against coronavirus

Jair Bolsonaro puts breaks on the introduction of a tracking system aimed at supporting policies around social distancing.

How remote work is changing CIO priorities amid the COVID-19 pandemic

A new survey from Adobe highlights the biggest priorities and challenges facing technology leaders and where they plan to invest in the future.

Telehealth: What's at stake from a security standpoint?

Many remote devices lack even basic network security.

Microsoft: Under 2% of all daily malspam uses COVID-19 lures

Malicious email campaigns have not increased due to COVID-19. Attackers merely changed lures.

US Senate, German government tell staff not to use Zoom

The two organizations now join a list that also includes the Taiwanese government, the Australian government, SpaceX, Google, and New York state area schools.

Coronavirus home work: Zoom sued over security lapses as stock slides

Zoom faces class action, as security criticisms hit its share price, which has skyrocketed in the coronavirus pandemic.

Domain name registrar suspends 600 suspicious coronavirus websites

Web domain name registrars are stepping up their efforts to tackle scammers, and it starts even before their websites go live.

Taiwan instructs government agencies not to use Zoom

Citing security and privacy concerns, Taiwan's Department of Cyber Security has issued an advisory to all government agencies prohibiting the use of certain video software, such as Zoom.

WhatsApp makes it harder for you to forward some messages as it tries to slow coronavirus misinformation

Frequently forwarded messages will now be harder to pass on as the messaging giant tries to curb COVID-19 rumours and misinformation.

Europol arrests man for coronavirus business email scam peddling masks, sanitizer

European police continue to fight criminal activity linked to the spread of COVID-19

The remote-working rush is creating a playground for spies and cybercrooks

Gaps in security and new ways of working will lead to data breaches and security problems over the coming weeks and months.

UK government slams 'crackpot' 5G-coronavirus theories following mast arson attacks

Suspected arson attacks have been connected to theories spreading online of 5G as a cause of coronavirus.

Google rolls back Chrome privacy feature due to COVID-19

Google disables SameSite cookie support to prevent any unforseen breakage to sites during the coronavirus outbreak.

Web skimming attacks not expected to intensify during COVID-19 quarantines

Contrary to popular belief.

Ransomware and DDoS attacks: Cybercrooks are stepping up their activities in the midst of coronavirus

Crooks are taking advantage of this 'surreal situation' to increase pressure warns law enforcement agency.

Human rights groups warn governments of privacy laws when tracking COVID-19

110 organisations have set out eight conditions proposed for governments worldwide to adhere to if they are using surveillance technology to combat the pandemic.

Researchers propose method to track coronavirus through smartphones while protecting privacy

The concept itself is quite simple but could be invaluable in shielding the general public from privacy violations.

Vicious COVID-19 malware destroys your PC for sport, not profit

Security researchers have discovered coronavirus-themed malware created to destroy users' computers.

Hackers are now launching dozens of email scams each day

Waves of phishing and malware attacks try to take advantage of working from home and worries about COVID-19.

FBI re-sends alert about supply chain attacks for the third time in three months

The FBI says some attacks have also targeted the healthcare industry, currently grappling with the coronavirus outbreak.

Coronavirus: Now COVID-19 phishing scammers face 'rapid-response' crackdown

'Don't feed the beast' says government as it aims to clamp down on criminals, fraudsters - and nation-states - exploiting the pandemic to spread false narratives.

RDP and VPN use skyrocketed since coronavirus onset

RDP use is up by 41%, enterprise VPN use is up by 33%.

Coronavirus and home working: Cyber criminals shift focus to target remote workers

Hackers will look to exploit the increase in remote working - and healthcare facilities could be targeted with cyberattacks, warns police agency.

This tiny country is posting the names and locations of quarantined citizens

Balkan authorities resort to publishing personal data online to stem the coronavirus outbreak.

How to prevent your Zoom meetings being Zoom-bombed (gate-crashed) by trolls

If you don't take care, you could find your meetings being gate-crashed or Zoom-bombed, potentially causing havoc and mayhem.

D-Link and Linksys routers hacked to point users to coronavirus-themed malware

Hackers hijack routers' DNS settings to point users to malware-infected downloads.

VPN use surges as coronavirus outbreak prompts huge rise in remote working

The rise in working from home in the last few weeks has seen VPN usage rise rapidly in many countries.

Europol eradicates criminal gangs flogging fake coronavirus medicine, surgical masks

€13 million in potentially dangerous drugs, touted as coronavirus cures or immune system boosters, have been seized so far.

WHO chief emails claiming to offer coronavirus drug advice plant keyloggers on your PC

Fraudsters are trying to capitalize on fears surrounding the illness in new phishing campaigns.

US, Israel, South Korea, and China look at intrusive surveillance solutions for tracking COVID-19

As the coronavirus (COVID-19) outbreak spreads across the world, some governments are deploying or exploring the idea of deploying privacy-intrusive solutions for tracking the disease's spread.

DOJ says it will prioritize the prosecution of coronavirus crimes

Attorney General William P. Barr urged the American public to report all cases of COVID-19 scams and fraud.

With everyone working from home, VPN security has now become paramount

DHS, SANS, NJCCIC, and Radware warn companies about securing enterprise VPN servers in the midst of the coronavirus outbreak.

Thousands of COVID-19 scam and malware sites are being created on a daily basis

Malware authors and fraudsters aren't letting a tragedy go to waste.

Internet's largest social networks issue joint statement on COVID-19 misinformation

Facebook, Google, LinkedIn, Microsoft, Reddit, Twitter, and YouTube put out joint statement promising to fight COVID-19 fraud and curb misinformation.

How cyber criminals are trying to exploit coronavirus fears

Hackers are trying to take advantage of the COVID-19 outbreak to deliver malware, steal bank details and more -- but there are ways to stay safe from these attacks.

HHS targeted by hackers as it responds to novel coronavirus, COVID-19 pandemic

The number of cyberattacks looking to draft off the novel coronavirus pandemic are ramping.

Coronavirus-themed phishing attacks and hacking campaigns are on the rise

Opportunist crooks are exploiting coronavirus as part of their phishing attacks, malware, ransomware and more.

Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak

One of the Czech Republic's biggest COVID-19 testing laboratories hit by mysterious cyberattack.

State-sponsored hackers are now using coronavirus lures to infect their targets

Chinese, North Korean, and Russian government cyberspies caught using COVID-19-themed emails to infect victims with malware.

Employers are a trusted source of information about COVID-19 but face competition from disinformation

New data shows employees have strong trust in their employers as a source of information about COVID-19, but infrequent employer communication can leave employees vulnerable to disinformation.

COVID-19 coronavirus outbreak and a security conference tries to play it down

If two attendees of your security conference were diagnosed with the novel coronavirus, how would you let everyone know? Perhaps not quite in the way the RSA conference did.

Snake oil salesmen warning: DoJ, FTC are cracking down on fake coronavirus products

Don't even think about marketing 'coronavirus-curing' goods, the agencies have warned.

Spying concerns raised over Iran's official COVID-19 detection app

Google removes Iran's official COVID-19 detection app from the Play Store.

Nasty phishing scams aim to exploit coronavirus fears

Phoney emails about health advice and more are being used to steal login credentials and financial details.

Coronavirus misinformation spreading fast: Fake news on COVID-19 shared far more than CDC, WHO reports

Content engagement on false and misleading news about the COVID-19 virus illness is over 142 times that of legitimate and expert sources such as the CDC and WHO, according to NewsGuard.

Coronavirus: How hackers are exploiting the epidemic to steal your information

Karen Roby interviewed a cybersecurity expert about a different threat than COVID-19 brings.

Editorial standards