Cybercriminals are actively exploiting the coronavirus pandemic to target the general public and businesses, the National Cyber Security Centre (NCSC) has warned.
In new guidance published this week it said the move “has created a considerable amount of concern amongst the cybersecurity community” due to the various approaches being taken by criminals.
While it is not uncommon for cybercriminals to seek to exploit events for their own profit, the NCSC said the speed and scale at which they are doing so during the crisis is of great concern.
The NCSC, which is responsible for advising the Government on cybersecurity issues, highlights a number of methods being used including targeting the organisations whose staff are working remotely and the singling out of healthcare services that are under stress. It also notes a sharp increase in malware that has Covid-19 themes.
“The key threats to organisations during the response to Covid-19 stem from the phishing, social engineering and remote access threat,” the centre warns.
New threats
“These are not new threats, but with large numbers of staff working from home, there may be additional vulnerabilities where existing IT security services do not extend to remote devices, and where remote working was implemented under time pressure,” it adds.
The NCSC warning comes just days after Interpol said hospitals are increasingly under threat from cybercriminals looking to take advantage of the current crisis.
Interpol said it had detected a significant increase in the number of attempted ransomware attacks with cybercriminals looking to hold hospitals and other medical services digitally hostage and prevent them from accessing vital files and systems until a ransom is paid.
Separately, Britain’s National Cyber Security Centre – a branch of the intelligence agency GCHQ – and the US Cybersecurity and Infrastructure Security Agency – part of the department of homeland security – this week jointly warned about increased use of Covid-19 in state-sponsored cyberattacks.