It's been months, and we're dealing with a different kind of virus, a non-artificial form.
Frustration, fear , despair , mourns on the lives lost are just some of the words that fit on the crisis that all are having right now. For the past few months humanity has taken its toll since the past 100 years. What could this mean on our economy? Are we going to experience a significant rock-bottom? What about the tech industry, is it safe? Wonder what's running on the mind of all the hackers at the moment? And ofcourse how's the defense going?
^ Covid-19 patient = ^(# of cyber attacks)
We can see the direct proportionality between this two variables which means an increase on Covid19 infections is an increase on malware infections as well. With the entire world in lockdown, it's not the same with cyber illegalities. We all know how hungry senpai is on breaking Uncle George's system. A massive improvement on the number of attacks, as cybercriminals boost and develop their exploits in an alarming pace.
Interpol(International Criminal Police Organization) publicized that the COVID-19 impact on cybercrime segments from a certain individual and small businesses to major corporations, government and critical inrastructure.
The COVID19 exploits
As per the Interpol below are the top cybercrimes for the last few months. I'll emphasize just the top 4 and discuss further.
* *Phishing scams
The application of supply and demand implies on cybercriminals as well. The high demand on pandemic informations, is the rise on COVID19-themed phishing mails and scams. Below are the sample phishing mails
We'll deep dive to some of those on the other blog.
** Disruptive malware(Ransomware and DDOS)
A spike of ransomware attacks has been monitored just the first 2 weeks of April 2020 done by multiple threat group who has been inactive for the last 4 months. Below are just some ransomware
1. The 'dont-waste-your-time' coronavirus installer exe
Trend Micro Research Labs analyzed a COVID19 themed malware that overrides a system's master boot record, making the system unbootable.
You can check on the entire walkthrough of this malware in this link : https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/coronavirus-used-in-spam-malware-file-names-and-malicious-domains
2. Fake Covid19 tracker app
From DomainTools security reseach team, a malicious domain (coronavirusapp[.]site) is distributing a fake Coronavirus outbreak tracker app that provides users tracking infos and stats. Once the victim download and run the app, it would lock the screen and show a ransom note on the compromised mobile device.
Here's the link for the complete breakdown >> https://www.helpnetsecurity.com/2020/03/16/fake-covid-19-tracker/
** Malicious Domains
Malware patrol has listed the Covid19 related domains on their site.
http://malwarepatrolexport-covid-19.s3-website.us-east-2.amazonaws.com/domains/domains.txt
With the aid of my tools ,I will delve in to this on my next blog and see how these domains operate, check their status,redirections,sites involved and just perform a crawl to them.
**Fake News
Ofcourse the infamous fake news!
What else can I say, a lot! For me fake news is an unintended form of networking where unverified informations are passed through. It is a fast spreading chain of gossips that even an AI-capable platform might not immediately detect and take action on it. It is a modern day gossip(Filipino word 'tsismis') where the actor are the keyboard warrior, all are held on a social media platform.
How could a misinformation content leads a victim to malware? Malicious webhost and scam SMS.
The NEW Cybersecurity
New normal is the 'new'-normal. It is when everyone get out of the norm or the usual. This is the beginning of something that we are not accustomed of; could be a start of a potential loop, an upgrade , a downgrade? Business, market, economy, technology, beliefs and ideology are all in a state of change.
Corporations turns to cloud to execute BAU even at home. Yet, majority of the business sectors have felt this impact and forced to shutdown. As employees turns to a work-from-home setup, this has pros and cons.
We start with pros:
1. Private business sectors escpecially those in IT/customer service field, realized the benefit of a cloud platform for business tasks will be held at home. This way corporations could cut cost by taking away office rent and expenses on their balance sheet.
2. The expectation to rise on productivity. Well, this might not be for everyone but an employee at home has a little to no reason to be late at work. No hustles and no traffic, all you need is to wake up and get to work. A group's former 60% rate to production must increase to 110% in this kind of setup.
3. More time with loved ones while at work. Let's face it, during these times we maximize the time we spend with our family and the ones we love while we target to achieve some goals. Spend every moement and have fun while we all go through this tough time.
4. Traffic consumes 3-4 hrs of our day. What way to make use of those 3 to 4 hours to enhance our being. I'm talking about you getting to that next level! Just need a SEX on this pandemic!
Self-Improve - Improve things that you already know or own. Taking certifications to boost up your career, or improving your sports by taking athletic programs online could maximize our potential and get to that limit that we are searching.
Educate - ourselves on things that we have not done yet or are out of our domain. This way we fill the gap that could be missing that could aid us as we progress.
X - Just 'x' on the things that drives negativity. Hold on to the bright, contemplate and reflect on things. Well you're on your own here ;)
5. The rise of the new-normal on tech. Technology adapts and it always change. The argument that humans came with tech and tech came with humans, is like an argument of sandwich with peanut butter and jelly. Expect a lot of changes on all fields of technology that could 'make' and revitalized our industry.
The con:
Just one simple word.
HACK
With everything getting digital cybercriminals are hungry dogs chasing for food 'more' effortlessly. The fact that hackers are getting better with their crafts, hacking a corporation would be a lot easy. A lot of security vulnerabilties on both people and software will rise, so NMAPing will succeed on first tier.
A new normal in cybersecurity could end up on something that is bitter-sweet or a total nightmare. Cybercriminals are thirsty for upgrade and so are the defenders. But an astronomical increase of attacks that could crash the entire market or even a country's economy which could be soon. And what could lead this to? Cyberwarfare? A ground zero for the next world war?
Yet then we might start to think; is this really the new normal? or are we up to something worse? Are we prepare?
References:
https://www.interpol.int/News-and-Events/News/2020/INTERPOL-report-shows-alarming-rate-of-cyberattacks-during-COVID-19
https://www.malwarepatrol.net/coronavirus-covid-19-online-scams-data/