The ongoing COVID-19 crisis has proven to be fertile ground for cybercriminals looking to make easy money. In particular, malware attacks are on the rise.
According to the cybersecurity firm Trend Micro, there was a 220-fold increase in COVID-19 related spam between February and March 2020. A total of 907,00 spam messages were included in the report alongside 737 malware incidents.
COVID-19 is being used as a vehicle to deliver malware to victims through attack vectors including personal spam emails, as mentioned above. But it’s not the only method criminals are using; malicious domains, text messages, fraudulent contact tracing apps, and business email compromise (BEC) threats have all been reported.
As the pandemic intensifies with second waves and rising fatalities sweeping across both Europe and the Americas, campaigns that piggyback on the coronavirus as bait will continue to increase.
Who is at risk from COVID-19 malware attacks?
Both individual citizens and businesses are at increased risk of malware at the moment.
Individuals may be targeted by social engineering attacks disguised as legitimate emails from trusted bodies, such as the World Health Organization (WHO) or their local government. As noted earlier, fraudulent contact tracing apps are another pressing concern. The Anomali Threat Research team discovered 12 Android applications that harbored malicious code; the apps were targeted at citizens of nations across the world.
The Trojan Anubis and SpyNote were some of the threats uncovered during the team’s investigation. Once installed on a device, the apps download and install malware that monitors the device and its activity to steal personally identifying information or banking credentials. In Canada, two fake apps were found that contained ransomware.
Companies are also at risk, particularly small to medium-sized enterprises that lack an expansive cybersecurity budget and dedicated IT and/or digital security staff members. The rapid shift to remote working models, in particular, left many companies struggling to secure their processes and systems.
A decentralized workforce necessarily means decentralized systems, something that hackers have quickly exploited. Likewise, the increase in Bring Your Own Device (BYOD) culture, which is unavoidable given the circumstances, has meant greater opportunities for threat actors to find and exploit loopholes in systems or gain entry.
The different types of malware
Malware is a portmanteau term that is derived from the combination of two other words: malicious and software. As such, malware is an umbrella term for a broad range of threats that are software and malicious in nature. It is so prolific that each day, the AV-Test Institute records around 350,000 new malware and potentially unwanted program (PUP) scripts.
Cybersecurity experts define malware as any type of software that is designed with the intent to cause harm to data, devices, or users. There are several different types of malware, which are broadly divided according to how they are spread. Here are some notable examples:
- Worms: These typically gain access to a device via a vulnerability or a phishing attack, and to systems and networks via an infected device. Worms can infect a device comprehensively and in worst-case scenarios, an entire network. They may be used to install hacking software, modify/delete files, or steal data among other reasons.
- Viruses: Unlike worms, viruses can’t independently spread from a single device to a network; they need an already infected program or operating system to work initially. But once the vectors are activated, the virus can spread.
- Ransomware: This type of malware is designed to lock and/or steal data in return for financial gain; it’s a type of digital extortion. Users may receive access or their data back if they pay the ransom, which is often collected in cryptocurrency. The WannaCry ransomware is a prime example.
- Spyware: Spyware programs masquerade as legitimate tools. For example, a free antivirus program may actually have a covert secondary purpose, such as monitoring your habits and harvesting your data, which is then sold to third parties for payment.
How to protect yourself from malware during COVID-19
In addition to always practicing good digital hygiene, there are some extra steps you can take to keep your devices and data safe from malware. Check them out below:
- Avoid public wifi: Open-access public wifi might be free and convenient, but it’s also riddled with malware. If you must connect, always use a VPN.
- Keep devices and software updated: As we noted, malware can be spread through vulnerabilities. Updating your devices and apps whenever a patch is made available means closing off potential access points.
- Use an antimalware program: Choose a high-quality paid subscription.
- Email scanners: These work to detect malware that’s hidden in links in emails. These tools are particularly useful for companies.
- Enable firewalls: Ensure your device’s firewall is on. Companies should consider enterprise-level firewall protection.