Sunday, March 22, 2020

Your Computer has a (Corona) Virus

Welcome back everyone!  It has been quite some time since I last posted, I hope you have all been well!  I am now in a new Bellevue Univeristy course (CYBR 650) which requires posts

tl:dr
First, let me say that the title of this post is not intended to be a joke.  With everything going on in the world related to the COVID-19 pandemic, we all need to be cautious and make decisions that are in the best interest of ourselves and our families, and to do so without harming others (I'm looking at you toilet paper hoarders).

Looking for current information on Coronavirus has become a part of our lives, and hackers know this and are trying their best to take advantage of this international emergency.  Different actors are performing a variety of attack vectors from phishing to entire malicious domains.

The increase of coronavirus related phishing has increased drastically recently.  These messages are similar to other phishing attempts in that they are used to try and get your personal information, account numbers, social security number, and even account login credentials.  Additionally, some messages are laced with ransomware.  The ransomware (or other software) appears to be something useful.  Instead, this software is there to encrypt your hard drive and keep all of your information away from you until you pay the hacker their ransom to unlock the system.  Another piece of software parades itself as a Coronavirus map, tracking the pandemic.  This software also contains malware that focuses on stealing your passwords.

More workers are also being directed to telework in order to increase social distancing, which increases the attack surface for hackers to hit.  Rather than an organization controlling information in and out of their networks, their employees are now working on their home networks.  Most likely, these home networks do not have the same level of protection as their work environment.  Unsuspecting users working from home, in an attempt to make their connections more secure, may find themselves with a VPN (Virtual Private Network) that is nothing more than malware written by someone with evil intentions.

Individuals are not the only targets of malicious actors taking advantage of this horrible situation.  Hackers successfully attacked the US Department of Health and Human Services just one week ago (15 Mar 20).  The thought is that the attackers are attempting to slow down the agencies response and spread misinformation to the public.  After successfully breaching the system, the attackers spread a false message of a government plan to implement a nationwide lockdown.

Now that I have properly scared you more than COVID-19 already has, what can you do to protect your digital life?  In my previous posts, I have made recommendations for things such as regularly patching your systems, removing unnecessary software, and using a complex password.  While these things will help you protect your system, you may want to think about the following:

  • Don’t open e-mails from unknown senders
    • While James Veitch shows how much fun it can be to toy with spam senders, some messages can activate malware simply by opening the message.  Better to leave them be and just delete them.
  • Ask your tech support what they recommend for a VPN
    • Some organizations have a VPN you can connect to already, but it most likely has limited bandwidth and number of users.  If they recommend using a VPN, ask which one.  Some VPN providers offer a free service with limited data, but others offer pay services.  For example, I used Windscribe while travelling abroad last year to keep my Internet connection secure.  It was a limited data use, but it did the trick to keep me safe while checking on personal business, like banking data.  See the link below to checkout Windscribe.
    • I can’t recommend any other VPNs because I have not personally used them, but others out there are NordVPN, ExpressVPN, and CyberGhost.  See the TechRadar list below!
  • Don’t give info out to someone over the phone
    • This is probably common knowledge, especially if you are reading this blog, but malicious actors still call people trying to get their info.  Why?  BECAUSE IT WORKS!  Just like phishing, people still give their info to callers.  Stop.  Seriously, just stop it.
  • Be wary of sites you get information from about COVID-19 (or anything for that matter)
    • Domain registrations with a coronavirus theme are 50% more likely to be malicious in nature.  This means you have a pretty good chance of going to a site for info and then having something bad happen.  Be careful, don’t trust corona-virus-info.biz (which I just made up…if you are the owner of corona-virus-biz and are a legitimate business, contact me and I’ll make something else up).

Stay safe out there! See you next time.

Schopp

REFERENCES:
https://fortune.com/2020/03/18/hackers-coronavirus-cybersecurity/
https://www.consumer.ftc.gov/blog/2020/03/ftc-coronavirus-scams-part-2
https://www.infosecurity-magazine.com/news/us-health-department-hacked/
https://www.marketwatch.com/story/hackers-are-using-coronavirus-concerns-to-trick-you-cybersecurity-pros-warn-2020-03-12
https://windscribe.com/
https://www.techradar.com/vpn/best-vpn

James Veitch, More Adventures in Replying to Spam - https://www.youtube.com/watch?v=C4Uc-cztsJo