Now that cyber attackers have presumably registered all COVID-19 related domains and penetrated some with phishing attacks, they are perhaps readying to launch far more serious assaults. According to COVID-19 Cyber Threat Coalition, a volunteer group of cyber security experts working to prevent such attacks, the number of high-risk coronavirus-linked domains exploded at the beginning of March.Statistics gathered by researchers at Domain Tools, and analysed by the coalition, reveals the trend hit a high of just over 5,000 registrations per day on or around 20 March.
Particularly shocking were ransomware attacks on healthcare facilities, putting the lives of the already infected and medical professionals at even greater risk. Healthcare organizations now not only have the pandemic to counter but also find themselves vulnerable to fatal cyber-attacks.
This spike in domain registrations was short-lived and has now dropped back to a steady range of between 1,800 and 2,000 per day since the week beginning 13 April. The most common types of cyber-attack encountered were simple coronavirus scams reported by over 60%, followed by credential phishing attempts faced by close to 50%, and malicious documents at just under 40%. Ransomware incidents and other kinds of online extortion’s were observed less frequently – reported by just around 10% and 5% respectively.
Transition to near-universal remote working still remained the main concern among the Cyber Threat Coalition members. More than half said this has increased their vulnerability, although less than one-fifth said they had relaxed security policies in their organizations. The issue is wide open and the threat looming indeed!