Security & Privacy Advisories
Team Organizations	Cybersecurity and Privacy
Team Leaders	Pamela Gupta
City, State
Contributors	Anna Lainfiesta
Website
Document

Description

FBI is cautioning against the ‘Other’ Coronavirus Crisis, Cybersecurity & Privacy risks and scams. There is a lot of currents and anticipated criminal activities at an unprecedented scale as criminals devise means to prey upon the public’s fears. According to the FBI “The speed at which criminals are devising and executing their schemes is truly breathtaking. The sheer variety of frauds already uncovered is shocking. Law enforcement has already learned of offers of sham treatments and vaccines, bogus investment opportunities in non-existent medical companies, and calls from crooks impersonating doctors demanding payment for treatments. Scammers are targeting websites and mobile apps designed to track the spread of COVID-19 and using them to implant malware to steal financial and personal data. Thieves are even posing as national and global health authorities, including the U.S. Centers for Disease Control and Prevention and the World Health Organization, to conduct phishing campaigns. They send e-mails designed to trick recipients eager for reliable health information into downloading malicious code.

Perhaps most outrageously—and dangerously—criminals are using COVID-19 as a lure to deploy ransomware, a malicious software designed to lock a computer system until a ransom is paid. Ransomware has substantially disrupted hospital and local government operations in recent years. It is a heinous crime to take down the computer network of a hospital or a public health department during normal times; it is homicidal in the midst of a global pandemic.”

Audience: Guidelines from advisories including but not limited to LEAs, US-Cert, DHS, CISA, NSA, FBI, SANS etc. for general public, students, municipalities, healthcare and businesses.

Identify

Advisories aim to identify the sources of potential cyberattacks. It may include attacks on personal laptops, smartphones, tablets, printers, scanners, and point-of-sale devices. During the pandemic, there's specific attention given to video calling software (such as Zoom, Microsoft Teams, Skype, Cisco WebEx etc.). A subtle surge of robocalls are also observed.

• Advance Fee and BEC Schemes: FBI Warns of Advance Fee and BEC Schemes Related to Procurement of PPE and Other Supplies During COVID-19 Pandemic
• Viral Marketing Counterfits: Informs about counterfeits such as substandard food items, pharmaceutical products etc.
• Public awareness and prevention: Europol's gives potential attack vectors likely to be used in tricking users
• Tracking the Global Response to COVID-19: Privacy International's tracking the examples of abuse through wide range of selection of Actors, Issue and Technology
• Privacy-Preserving Contact Tracing: Apple and Google COVID19 partnership - releases exposure notifications for Bluetooth, Cryptography, Framework API, and FAQ.
• Top Email Protections Fail in Latest COVID-19 Phishing Campaign

Protect

Advisories reach out to us on formal policies and securing our digital devices; network; personal accounts, banking accounts, business accounts. Organizations including Google, Cisco, Microsoft, Apple etc. release the latest and urgent patches.

• Google announces the release of cloud-based zero trust solution for remote workers that eliminates need for VPN’s.
• CISA and NCSC Joint Alert on APTs, Phishing and their Mitigation Strategies
• CISA and NCSC Joint Alert on Pharmaceutical and Research Organizations and their Mitigation Strategies
• Zoom Security Tips especially against Zoom Bombing
• Assessment of popular Collaboration Services : NSA's guidance on how organizations can select and secure commercially-available collaboration services such as Slack, Signal, Microsoft Teams, WhatsApp, Zoom etc.
• The realities of ransomware: Five signs you’re about to be attacked
• Technical Approaches to Uncovering and Remediating Malicious Activity: CISA Shares Incident Detection, Response Playbook for Cyber Activity. The joint DHS CISA alert highlights the best practice methods for incident detection and remediation of malicious cyber activity, including mitigation steps and indicators of compromise.

Detect

Advisories help us in providing guidelines for detecting potential cyberattacks on digital devices.

• Federal Trade Commission's increased measures against Robocalls
• Fake Coronavirus Interactive Map Alert: Health Sector Cybersecurity Coordination Center (HC3) releases "Fake Online Coronavirus Map Delivers Well-known Malware"
• 
• 2020 Verizon Data Breach Investigations Report

Respond

Advisories including LEAs designed responding procedures such as investigation, reporting, updating policies, keep the business up and running.

• 10 Most Exploited Vulnerabilities 2016–2019: “FBI and CISA released a joint product listing the top ten most frequently exploited technical vulnerabilities along with their Mitigation measures. Why does this matter?

1) Because organizations spend unbelievable sums of money on new defensive technologies, but often leave the side door open. The most sophisticated actors won't deploy their most trusted tools when they can identify rudimentary weaknesses in your infrastructure. 2) We do incident response 365 days a year, and when we see these vulnerabilities exploited, it's incumbent upon us to let you know. These CVEs go back to 2017, meaning we must do a better job at automating our patching validation and deployment process.”

• Telework Guidance and Resources: CISA has launched a product line to provide best practices and resources for telework. This includes cybersecurity recommendations for using video teleconference tools and services

Recover

Repairing and restoring procedures fall under this category. Advisories give us formal procedures to combat the aftermath of cyberattacks.

• A guide to helping businesses in the process of reopening: Ready to Reopen: A Playbook for Your Small Business
• Check if zoom-us-zoom_##########.exe” is present on your system!