US and UK cybersecurity agencies publish a joint statement warning of a rise in Covid-related cybercrime

8 April 2020

On 8 April 2020, GCHQ’s National Cyber Security Centre and the US Department of Homeland Security’s Cybersecurity and Infrastructure Agency published a joint advisory about a rise in cybercrime related to the Covid-19 pandemic.

The agencies warn about a rise in malicious cyber actors exploiting the pandemic for their own objectives. This coincides with a surge in people working from home, where they may be using more vulnerable networks. Their victims are not just individuals; Covid-19 related scams and phishing emails are targeted at businesses too. This can include:

  • Phishing emails or malware distribution using “coronavirus” or “covid-19” as a lure; and
  • Attacks against newly (and often rapidly) deployed remote working networks or remote access infrastructure.

Phishing scams

The advisory explains that attackers will try to persuade victims to click on a link or download an app, for example a purported “real-time coronavirus outbreak tracker”. Attackers may also attach malicious files to emails with subject lines such as “Coronavirus Update”.

These texts and emails are often designed to appear as though they come from a trusted source, for example the World Health Organisation or an organisation’s HR department. Links provided in these messages can sometimes take the user through to a login page, designed to impersonate well-known websites, where the user is asked to enter their email address and password. The attackers can then access the victim’s online accounts such as their email inbox and acquire personal or sensitive information, or send further phishing emails using the victim’s address book.

Exploitation of remote working

The advisory also recognises that many organisations will have rapidly deployed new networks to allow employees to work from home. In several examples, the agencies report that they have observed attackers scanning for known vulnerabilities in widely used software, or seeking to exploit the increased use of communication platforms. They also report that the surge in home working has led to an increase in the use of remote desk software, which can be vulnerable if unsecured.

Mitigating the risk

The agencies conclude that individuals and businesses should remain vigilant, and only rely on known and trusted resources for information about the coronavirus pandemic.

There is useful information for individuals in the advisory on tips for spotting phishing attempts, and what to do if you suspect that you have clicked on a potentially malicious link.

For organisations, the advisory recommends widening defences to include technical measures that make it difficult for attackers to reach users, and ensure that users are able to identify and report suspected phishing emails.

The full text of the advisory, which is not intended to be a complete catalogue of all Covid-19 related cyber activity, is available here.

About the author

Hannah Fitzwilliam is an associate in the Dispute Resolution team. She advises on a broad range of contentious matters involving both individuals and corporate clients. She has experience of litigation in the High Court and of settling disputes through negotiation. Hannah regularly advises on complex and high value disputes, often with a cross-border element.

Share insightLinkedIn Twitter Facebook Email to a friend Print

Email this page to a friend

We welcome views and opinions about the issues raised in this blog. Should you require specific advice in relation to personal circumstances, please use the form on the contact page.

Leave a comment

You may also be interested in:

Skip to content Home About Us Insights Services Contact Accessibility