COVID-19 has seen a major shift in the tactics used by cyber criminals. We’ve previously discussed the way scammers have used the disruption of the pandemic to target people with social engineering attacks, but there have also been far more ambitious attacks.
There is a lot of valuable information sitting on government and medical research facility databases, and no shortage of actors trying to get their hands on this information.
The BBC recently investigated the effects the pandemic has had on state-sponsored attacks and cyber espionage.
“It’s a free-for-all”
Governments across the world were quick to identify the cyber security implications of COVID-19, with some gathering teams of experts as early as January.
And this wasn’t limited to the big players, such as Russia, the US, Iran and North Korea. Intelligence analysts say plenty of less-active states have been using cyber espionage more aggressively, particularly given the lockdown restrictions and the limits on traditional spying methods.
According to John Hultquist, Director of Threat Analysis at FireEye: “It’s a free-for-all out there – and with good reason – you don’t want to be the intelligence agency that doesn’t have a good answer for what’s going on.”
In the past few months, many organisations have had to quickly reassess the threat of cyber attacks. The World Health Organization, for example, has been targeted by Russian, Iranian and South Korean criminal hackers.
Meanwhile, according to one intelligence official, “everyone” is targeting the Wuhan Institute – where the 2019 novel coronavirus was first analysed and, according to conspiracy theorists, where it was created.
The attempted infiltration of the Wuhan Institute was presumably to look for evidence to support those theories and of a cover-up from the Chinese government.
The increased activity has also forced organisations to look at their counter-espionage strategies. After all, finding information about other countries’ coronavirus research is just as important as protecting what you’ve found.
As such, institutes such as the UK’s NCSC (National Cyber Security Centre) were forced to retool as parts of their systems suddenly became part of the critical national infrastructure.
All the latest cyber security news and advice
You might also want to sign up for our Weekly Round-up, which contains the latest cyber security news, advice and resources, as well as some of the best stories from around the web.