Posted on April 24, 2020 at 2:22 PM
Internet Giant Google warned that world healthcare organizations are subjects of targets by nation-backed hacker groups who are exploiting the loopholes appearing during this coronavirus era. The company said the organizations affected are those working to fight the impact of the pandemic.
According to the cybersecurity unit at Google, there have been over a dozen state-sponsored hacking syndicates using the COVID-19 theme to lure their victims and attach malware in their systems and networks.
Earlier this month, the tech giant revealed that it would delete about 18 million coronavirus-themed phishing or malware messages per day and over 240 million pandemic-liked spam messages.
Hackers seizing every opportunity from the pandemic
According to Google’s threat analyst, Shane Hunter, the state-backed hackers are always seeking for opportunities where global events would give them the chance to exploit organizations and individuals. “Hackers frequently look at crises as an opportunity, and COVID-19 is no different,” he said.
The threat analysis team at Google has pointed out some ploys used by such hackers, including websites impersonating genuine public or government care agencies, messages designed to appear as if they are sent by remote workers, and fake solicitations for charities.
Huntley explained that a particular hacking group sent phony messages to US government workers. The messages contain offers for delivery options or free meals available from fast food companies as a result of the pandemic. Once the user clicks on the email, it leads to another message that warrants users to provide their Google account usernames and passwords.
Earlier this month, British and US security agencies issued warnings, pointing out that several fraud schemes are controlling about 2,500 web addresses during this pandemic era. The security agencies advised that users need to be careful about how they release their login details from unknown emails and pandemic-linked offers.
Many of the messages were automatically sent to the spam folders, and stapes have been taken to deny related websites looking for user credentials, Huntley said.
However, he reiterated that there are no complaints from any government agency about any account being compromised due to the activities of these hackers. However, it has informed all the targeted users, warning them that some state-sponsored attackers are trying to infect systems with malware.
Hackers are fronting as health organizations
Google said it has discovered that some attackers are impersonating health organizations to deceive people into downloading malware. Hackers have impersonated the World Health Organization (WHO) and other humanitarian and government organizations in an attempt to deceive people and convince them to release their credentials.
Some of the Coronavirus-linked emails Google discovered were the work of “Charming Kitten”, a state-sponsored hacker group from Iran.
Some other hackers carrying the “Packrat” banner were from South America. Google said these hackers were responsible for the impersonation of the WHO login page.
Google beefs up security
Google is now more serious about security,
as the number of hacking incidents has increased amidst the coronavirus
outbreak. Both private and state-sponsored hacking groups have intensified their
efforts to scam their victims by impersonating as health care organizations.
Google wants to tighten security at over 50,000 accounts that could be owned and operated by state-sponsored hackers, according to Huntley. He further said that the is no overall increase in the number of phishing attacks by state-sponsored groups. Rather, their strategies have changed.
In February, the California-based tech giant added new lines of security scanners that use deep learning technology to identify malware, phishing, and spam messages. This development came at the right time when health care organizations are increasingly being the subject of malware attacks due to their roles in this period.
This week, Microsoft also pledged to extend its AccountGuard services to healthcare organizations throughout the coronavirus period.
Google has advised employees to always make use of their company’s enterprise email account for any work-related activity. According to Google, this will go a long way to curb the level of exposure and vulnerability they allow for these government-backed hackers.