The question what the malicious actors do during the crisis is one which comes up fairly often. My observation was – as bad as it sounds – that we had “business as usual”. As with any catastrophe or significant event, we see themed phishing attacks popping up – the same here. I guess as long as they work, they will be used.
We just published some threat intelligence on what we see currently: Microsoft shares new threat intelligence, security guidance during global crisis. Which is quite interesting. There are a few remarkable quotes:
Every country in the world has seen at least one COVID-19 themed attack
Which is not really surprising to me as the crisis is (almost) global.
What I feel is really disgusting, however, is this one:
Several advanced persistent threat and nation-state actors have been observed targeting healthcare organizations and using COVID-19-themed lures in their campaigns.
But I guess, this is where the money is if you can blackmail them. But what about nation-state actors?????
Anyway, read the post and stay safe.