If you’re like most people, you have a router in your home. It’s the little black box that gets internet connectivity from your ISP and distributes it throughout your home either via ethernet cable or via a wireless network. Did you know those routers are currently under attack by scammers looking to capitalize on the coronavirus pandemic?
Routers Breach
According to Bitdefender, “researchers have recently found a new attack that targets home routers and changes their DNS settings to redirect victims to a malware-serving website. To make sure the victim doesn’t suspect foul play, attackers also abuse TinyURL, the popular URL-shortening web service, to hide the link.”
As a final step in the scam, “the webpage to which users are redirected mentions the Coronavirus pandemic, promising to offer for download an application that will give out the latest information and instructions about coronavirus.” Stay safe out there.
CDC Phishing eMails
Did you receive an email from the CDC regarding COVID-19? Yes? There’s a pretty good chance it’s not from the CDC and is actually a phishing email. The good news, if there is any, is that the FBI is all over it and issuing warning to people.
From Dark Reading, “The FBI Internet Crime Complaint Center (IC3) issued an alert late last week to warn people of fake emails claiming to be from the Centers for Disease Control and Prevention (CDC) or other healthcare organizations, pretending to share information about the virus. Officials advise not to open attachments or click links in these emails, and to be wary of websites and apps that claim to track COVID-19 cases. Criminals are using such websites to infect and lock computers.” You’ve been warned.
Phishing Phrontier
Well that didn’t last long. Last week we reported that hackers would no longer be attacking health organizations during the COVID-19 pandemic.
This week comes a story from Bleeping Computer that hackers are at it again. From the article “The Ryuk Ransomware operators continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. Bleeping Computer has learned that Ryuk continues to target hospitals without email security services even while they are struggling to keep people alive during the Coronavirus pandemic.”
If you can’t count on scammers to keep their word, who can you trust?
Cyber Attack vis USB
Not all cyber-attacks arrive via email. What’s the newest threat vector? How about a USB drive. It arrives in the mail. And how does the scammer convince you to plug it into your computer? How about promising you a $50 Best Buy gift card.
From SC Magazine, “The attack begins with an actual paper letter mailed through the U.S. Postal Service to a specific target that contains a socially engineered message designed to entice recipients to place the USB drive in their computer. The note says the gift card is thanks for being a great Best Buy customer and that the USB drive contains a list of products that can be purchased with the card. Not surprisingly, there is nothing on the gift card, but the USB does come with a surprise: malware.” Is it really that much of a surprise?
Body Count
Just to prove that healthcare companies are not safe from hackers, “About 140,000 patients of Tandem Diabetes Care are being notified their data was potentially compromised after several employee email accounts were compromised during a phishing attack,” according to Health IT Security. Tandem is a medical device manufacturer based in San Diego, California.
What was in the data breached? “The affected accounts contained a range of patient data including details related to customers’ use of Tandem products or services, clinical data about diabetes therapy, and Social Security numbers, for a limited number of patients.” Well, if it was only a limited number of patients then that’s okay.
Chubb Ransomware Attack
Insurance companies are supposed to protect you when something goes wrong. The question is, can they protect themselves? We’re about to find out because this week, insurance company Chubb, was a victim of a ransomware attack.
According to an article on SC Magazine, “Chubb this week reportedly found itself a victim of the Maze ransomware’s operators, who encrypted the company’s files. The group put a notice on its news site claiming that it had encrypted the insurance company’s network. If the attackers follow their typical game plan, they already have swiped Chubb’s files and are now threaten to reveal stolen information unless the ransom is paid.” I wonder if they’re insured for that.
And that’s the week that was.