Mapping cyber threats under COVID-19

The world is currently experiencing an unprecedented situation in terms of the scale, reach and impact of COVID-19. Citizens are in lockdown, many businesses are struggling financially; it has touched us all in one form or another.

It is usual for Threat Actors to take advantage of major events, exploiting them to either make a profit or use them as an opportunity to steal information. The proliferation of disinformation and so-called ‘fake news’ is also noticeable in the wake of a major event or incident and can often result in panicked responses of one form or another.

These circumstances provide Threat Actors a perfect opportunity to develop social engineering campaigns - essentially manipulating people so that they reveal private information or do something that they wouldn’t ordinarily do. In the context of cyber-criminality, these campaigns are usually launched with a view of manipulating people to reveal passwords, banking information, or provide access to their computer or mobile device.

Therefore, it is unsurprising that Threat Actors have been taking full advantage of the global COVID-19 pandemic. These campaigns range from the sophisticated and well thought-out, to the rushed and blatant attempts to capitalise on fear.

Our analysis shows that these attacks have included indiscriminate phishing, malspam and mobile phone app campaigns and more-thought out, targeted attacks on essential workers, political targets, healthcare and medical research institutions and vulnerable sectors like finance and retail.

We’ve created a threat report to map and help you identify the cyber threats that have emerged during the pandemic to date and provide advice on how you can navigate your way through the situation in a safe, secure and resilient manner. We also explain the threat of disinformation and how to avoid it.

To find out more, download the threat report here.