News article

Coronavirus: Security agencies issue COVID-19 cyber threat update

9 April 2020

Agencies warn about cyber criminals exploiting COVID-19

According to the UK and US security officials, a growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain.

The UK's National Cyber Security Centre (NCSC) and their US counterparts have issued a joint advisory warning that cyber criminals and advanced persistent threat groups are targeting individuals and organisations with a range of ransomware and malware.

Examples of scams include emails containing malware which appear to have come from the Director-General of the World Health Organization (WHO), and others which claim to offer thermometers and face masks to fight the pandemic.

The techniques used by attackers prey on people's appetite for information and curiosity towards the outbreak, with phishing emails and SMS messages using the virus as a lure to trick people into revealing credentials or downloading malicious software.

Elsewhere, the agencies have detected cyber criminals scanning for vulnerabilities in software and remote working tools as more people work from home during the pandemic. It is expected that the frequency and severity of COVID-19 related cyber attacks will increase over the coming weeks and months.

Read the full advisory: COVID-19 exploited by malicious cyber actors.

As well as alerting people to the threat, the advisory directs them to the support available to counter it. This includes the NCSC's guidance on dealing with suspicious emails and on working from home securely.

First published 9 April 2020