There is an unchanging rule in terms of IT security: every global event is immediately used by hackers to trap Internet users. No expert on the subject has therefore been surprised to note, in recent weeks, an increase in malicious digital activities exploiting the Covid-19 pandemic.
“Don't panic over cyber. However, we must be very vigilant with regard to the rapid adaptation of small scams: the health crisis is an additional theme for defrauding people. “, thus explains to World Guillaume Poupard, director of the National Information Systems Security Agency (Anssi), the state’s digital firefighter.
“Cybercriminals seek to take advantage of the haste and reduced vigilance of the people directly or indirectly concerned to abuse them”, could we read, Monday, March 16, on Cybermalveillance.gouv.fr, the platform to assist victims of digital nuisance in an alert bulletin. The site anticipates “An increase in cyber attacks and cyber scams” linked to the pandemic and calls for “Redouble your attention so as not to fall into their traps”.
An observation shared by certain specialized companies. “At present, the cumulative volume of misleading e-mails related to the coronavirus represents the largest amount of types of attacks around a same theme that our team has seen in years, perhaps even forever” , writes in a press release Sherrod DeGrippo, of the specialized company Proofpoint.
By the start of March, the specialist company Check Point had established that more than 4,000 websites linked to the new coronavirus had been created. According to her, 3% of them served a malicious purpose and 5% were “Suspects”. These sites could be used for phishing purposes, a technique that involves extracting personal information (password, credit card code) by posing as a legitimate site.
Check Point, for example, identified an email phishing campaign targeting a very large number of Italian recipients. In their messages, the hackers explained that“Due to the large number of coronavirus infections in the region”, WHO had made available a document listing the precautions to be taken to protect against it. The message, however signed by a WHO doctor, did not come from the health organization, of course, and the attachment was infected.
Other phishing emails pretended to be the American Centers for Disease Control and Prevention in the hope of tricking recipients, while Canadian and Swiss authorities also alerted to a wave of malicious websites taking advantage Covid-19 by usurping the identity of its health authorities.
In response, WHO has warned that “Criminals” were trying to impersonate her in order to “Steal sensitive funds or information” and reminded that the organization never asked for a password or username, or sent unsolicited attachments.
E-mails or malicious sites can also, in addition to the extortion of information or credit card numbers, be used for the propagation of viruses, such as these. Several authorities and specialized companies have discovered that these e-mails carried, for example, ransomware, viruses making inaccessible data on a computer and demanding a ransom to unlock them, or malware designed to recover bank account credentials.
This proliferation even led the French health sector watch cell to sound the alarm. Six different malware is currently circulating in emails using the coronavirus as an excuse, according to the Cyberpeace Institute, an NGO fighting digital insecurity.
In addition, sites reproducing the very popular map of the Johns-Hopkins University of Baltimore on the spread of the coronavirus in the world contained a virus stealing the passwords, following the publication on a forum of hackers of a kit allowing to quickly create this type of sites.
A resurgence of scams
According to our information, some malicious messages have been reported on Pharos, the police reporting platform – including emails containing suspicious attachments. However, these reports remain few in number at this stage.
Authorities are more concerned about the emergence and spread of deceptive marketing practices, such as sites that sell masks but never deliver them or that issue fake hydroalcoholic gel. Suspicious sites have been reported by the authorities to the Directorate-General for Competition, Consumer Affairs and the Suppression of Fraud. Calls for fraudulent donations are also to be feared, the WHO having also alerted to this phenomenon.
In this period when French hospitals anticipate or face an unprecedented overload of work, there is also a fear of a computer attack further complicating their activities. The hypothesis is not far-fetched: recently, ransomware had hit the Rouen hospital center hard and a computer attack, for example, in the Czech Republic, disrupted the activity of the Brno university hospital even though 'He must fight the Covid-19 pandemic.
The US Department of Health has also been hit, albeit less severely, by an attack designed to paralyze its website under a stream of artificial connections. An offensive that some anonymous senior officials cited by the American press attribute to a state, without further details.
In France, ANSSI has not yet dealt with a major incident related to the Covid-19. “As far as the top hackers are concerned, we don't observe anything but we are on alert to avoid some kind of opportunism, explains Guillaume Poupard, and our response and detection teams are looking in all directions. “
Barrier gestures against computer viruses and coronavirus scams
Several barrier gestures, digital ones, can be undertaken so as not to be the victim of a scam or a virus exploiting the anxiety surrounding the Covid-19 pandemic.
Treat unsolicited messages or calls with great care, especially when they request personal or secret information, or which contain an attachment.
Do not download any app outside of official stores (Apple Store and Google Play Store).
Ensure, in case of online purchase, the legitimacy of the sales site (presence of the name of a company registered in the commercial register, general conditions of sale, etc.). Do not hesitate to report malicious or suspicious sites on the Pharos platform or to the Directorate General for Competition, Consumption and Fraud Prevention (DGCCRF).
Beware of the large amount of false information that has spread on a large scale in recent days and do not relay it.
Check that the fundraising to which we are about to give in support of hospitals, patients or research is legitimate, like that organized by the WHO or the Pasteur Institute.