Coronavirus Malware: Cyber Threats Rising

Learn how Adaptive Multi-Factor Authentication combats data breaches, weak passwords, and phishing attacks.
Read more
Updated: 10/03/2024 - 1:55
Time to read: 15 minutes

Malware, ransomware, phishing attacks, and social engineering strategies as cyber threats have been rising since the outbreak of COVID-19. The digital landscape has changed, as people are moving more of their lives online. With this move, bad actors are also evolving with new and complex cybercrime methods. It is helpful to know what these attacks look like to best find ways to prevent and thwart them. Defending against cyber threats during the pandemic requires a multifaceted approach with good cyber hygiene and security practices to prevent, block, and stop attacks.

Cyberattacks on the rise during the pandemic

There has been a 400 per cent spike in cybersecurity complaints to the FBI since before the pandemic, rising to nearly 4,000 complaints per day compared to around 1,000 daily complaints before the coronavirus outbreak. Whenever there is uncertainty in the world, criminals take note and look for ways to exploit potential weaknesses due to people’s anxiety and shifting online trends. With the pandemic comes heightened anxiety, which has increased the range and number of cyberattacks and the success of these attacks. More and more people are working from home, which can create network insecurities and increased cyber vulnerabilities. Additionally, people are banking, shopping, and doing more of their business online. This means they are putting more financial and personal information in digital forms, making it vulnerable to hackers and cyberattacks. Evolving cyber threats during the pandemic are targeting healthcare organisations, financial services, retail operations, and public administrations. Fraudsters are also preying on fear and using fake coronavirus emails and websites to perpetuate cybercrime.

Evolution of threats due to coronavirus

As officials have shifted their attention to the public health crisis, Interpol warns that cybercriminals are exploiting this since it can also mean that cyber defences are down. Cybercriminals look to gain access to systems and networks when key officials have their hands full dealing with something else. Social engineering tactics early in the pandemic used COVID-19 information to try and bait users, and these tactics have now shifted to coronavirus job listings and school updates. For instance, fake health surveys are asking for more information as schools are asking for more details. The pandemic has also caused a lot of job losses, which has more people seeking new employment opportunities. This gives fraudsters a different form of bait to use. Fraudulent emails claiming to have information on new job opportunities are common phishing tactics.

Threat to healthcare organisations

Healthcare organisations and hospitals are prime victims of rising cybercrime due to the coronavirus. Private health data is worth more than financial data on the Dark Web — as much as 20 times more, CISA (Cybersecurity & Infrastructure Security Agency) reports, making the health and public health (HPH) sector a major target for cybercrime. Ransomware is increasingly effective in the healthcare industry, as these institutions must have access to their systems to provide care and cannot afford to be locked out. Healthcare has a fast-growing and evolving technical landscape, budget constraints, highly valuable data, inconsistent cyber hygiene practices, and often overworked and underpaid staff, which can increase the risk for cyberattack. These are some of the challenges of the healthcare sector that are related to the pandemic directly:

  • A quick shift to remote working to limit disease spread led to less trained users, misconfiguration in work technologies and cloud environments, and a lack of endpoint protection.
  • The global scope of the health crisis requires global coordination, evolving risks, and less options for support and aid.
  • The duration of the pandemic breeds continued uncertainty and economic consequences.
  • Procurement and implementation of security tools for a new work environment were done quickly and were not as thorough as necessary.

Types of threats using COVID-19

The number of cyberattacks rel