Covid-19 Threat Update Issued Jointly by U.K. and U.S. Security Agencies

A joint advisory published today by the U.K.’s National Cyber Security Centre (NCSC) and U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) shows that a growing number of cyber criminals are exploiting the COVID-19 outbreak for their own personal gain.

Malicious groups online are targeting individuals and organizations with a range of ransomware and malware, including emails containing malware that appear to have come from the director-general of the World Health Organization and others that claim to offer thermometers and face masks to fight the pandemic.

With more people working from home, cyber criminals are also scanning for vulnerabilities in software and remote working tools, the agencies say.

Though the agencies are not seeing overall levels of cyber crime increase, they are seeing a growing use of COVID-19-related themes by malicious cyber actors. In addition, the frequency and severity of COVID-19-related cyber attacks are expected to increase over the coming weeks and months.

The advisory not only wants to alert people to the threat but also direct them to the support available to counter it. In the U.S., this includes a CISA Insights on risk management for Novel Coronavirus, as well as guidance for individuals and business on defending against COVID-19 scams and securing enterprise Virtual Private Networks.

Read the full assessment here, which includes guidance for organizations and individuals on how to decrease the risk of cyber attacks.