Australia's cyber security body will upgrade its threat advice in a bid to stop hackers using the outbreak of COVID-19 to send fake emails and texts to infect computers and networks with malware and steal user information.
The upturn in "phishing" emails and SMS messages with coronavirus-related titles comes as the Morrison government will overhaul its long-awaited cyber security strategy to take into account the threats of COVID-19.
Cyber criminals are taking advantage of COVID-19.
There is also growing concern from cyber experts about work-from-home arrangements giving cyber criminals the opportunity to access the computer networks of government departments and large companies.
The coronavirus emails and text messages are offering advice and information on detection which are embedded with malicious links or documents, which when clicked or opened unleash remote access trojans giving hackers control of a computer, phone or network.
One email purports to be from the Australian government and is titled "INSIGHTS ON CORONAVIRUS", while others have read "Latest corona-virus updates" and "UNICEF COVID-19 TIPS APP". The emails usually contain malicious attachments in the form of PDFs, excel documents or other file types, delivering malware that attempts to steal critical information such as passwords or confidential data.
Fake Android phone applications are also being created which claim to offer information about the virus, all while allowing attackers to spy on Australians through their devices or encrypt their device and hold it for ransom.
Sean Duca, regional chief security officer with global cybersecurity company Palo Alto Networks, said cyber attackers were targeting people's increased dependence on digital networks during the COVID-19 outbreak.
He said cyber attacks had been made against education services, critical infrastructure, high tech, professional services and government agencies.
"With much of the workforce now tapping into their home networks to enable business and operational continuity, this raises cybersecurity issues," Mr Duca said.
"Our data shows that cyberattackers are targeting people's increased dependence on digital tools and technology and are finding ways to capitalise on their desire for more information around COVID-19.
"In fact, over the last few weeks, we have seen [over 100,000 domains] … registered containing terms like "covid," "virus", and "corona." Not all of these will be malicious, but all of them should be treated as suspect.
"We expect the number of COVID-19 related cyber-attacks continue over the coming weeks and months – although as awareness of their methods increases, these cyber adversaries may pivot and adjust their approaches."
He said companies and organisations could guard against the attacks by only allowing authorised devices to access their networks, and regularly reminding staff about the need to exercise the same level of cybersecurity discipline when working from home.
Fergus Hanson, the director of the Australian Strategic Policy Institute's International Cyber Policy Centre, said hackers were already targeting people working from home as it provided additional access points to a network.
He said companies and organisations could address the concern by limiting access to parts of the network to the employees who actually need it, using VPNs to log on remotely and separate work and personal computers.
"There's absolutely more vulnerabilities and probably softer targets in a work-from-home arrangement and there does anecdotally seem to be an upticking on attention on those issues," he said.
Mr Hansen said there was also uncertainty about how the government could procure cyber security systems under work-from-home arrangements.
"We haven't worked out how to do remote procurement," he said.
"All of that adds up to probably a weakening of our cyber security posture, particularly for government but also for private enterprise."
The Australian Cyber Security Centre will on Friday upgrade its advice to specially warn about criminals using phishing emails and SMS text messages to profit from COVID-19.
The body's acting head Karl Hanmore said the hackers were operating as part of organised criminal networks and "their job was to steal our money".
"If things seem a bit out of place, there are some things to check," he told ABC Sydney on Friday.
"If there's any doubt at all, just go to the official website of the organisation and see if you can verify it that way."
The Department of Home Affairs is due to release its new cyber security strategy within months.
In a statement, the department said it was continuing to develop the new strategy which would take into account the "rapidly evolving cyber security landscape, including the impact of COVID-19".
Sign up to our Coronavirus Update newsletter
Get our Coronavirus Update newsletter for the day’s crucial developments at a glance, the numbers you need to know and what our readers are saying. Sign up to The Sydney Morning Herald’s newsletter here and The Age’s here.
Source: Read Full Article