Criminal gangs are exploiting the corona virus to commit cyber related crimes. During this period, Digitpol has appointed an incident response team to provide rapid response to business that are affected by a cyber-attack, data breach, malware or other forms of cyber attacks. If your business has suffered a cyber attack, contact Digitpol for assistance.
The public are being urged to follow online safety advice as evidence emerges that criminals are exploiting the weakness related to the Coronavirus online. Digitpol’s advice is for the public to follow only information from government sources such as your local government or national government website. Cyber criminals are using the internet to spread misinformation with content that contains links to malicious content.
Coronavirus phishing scams started circulating in January, preying on fear and confusion about the virus and they’ve only proliferated since. Last week, Brno University Hospital in the Czech Republic a major Covid-19 testing hub suffered a ransomware attack that disrupted operations and caused surgery postponements. And even sophisticated nation state hackers have been using pandemic-related traps to spread their malware.
Experts from the National Cyber Security Centre have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit COVID-19. Techniques seen since the start of the year include bogus emails with links claiming to have important updates, which once clicked on lead to devices being infected. These ‘phishing’ attempts have been seen in several countries and can lead to loss of money and sensitive data. These attacks are versatile and can be conducted through various media, adapted to different sectors and monetized via multiple means, including ransomware, credential theft, bitcoin or fraud.
Due to the coronavirus, people are working from home on personal devices and issued laptops, the key security risk is the lack of cyber security systems in personal environments. Critical issues such as unsecured Wi-Fi, LAN, additional devices on the same network with weaker security all pose a risk when staff operate commercial or enterprise applications from their homes.
Digitpol’s Cyber Crime and Security Investigation experts investigate, analyse and recover forensic data from the Internet. Digitpol utilises industry standard Internet monitoring platforms to detect keywords and find evidence on servers globally. Data obtained from cyber channels is most effective when linked to physical evidence as additional proof.
When Digitpol is engaged, we ensure that no digital evidence is overlooked and assist at any stage of an investigation, regardless of the size or location of data sources. Claims of leaks, fraud, cyber espionage, financial tampering, computer crime, employee misconduct, and other illegal or wrongdoing actions require corporations, law firms, and government agencies to deploy digital forensic methods to piece together facts that lead to the truth.
The COVID-19 ransomware threat
Ransomware continues to be one of the most severe threats facing organizations of all kinds, especially as attack methods continue to evolve. Like any criminal enterprise, the gangs behind the operation of ransomware will exploit current concerns to infect victims. The coronavirus pandemic is, sadly, not exempt from this. We’ve already seen COVID-19 infection distribution maps laced with malware, and the U.S. Attorney, Scott Brady, has warned people to be wary of an “unprecedented” wave of coronavirus scams.
Lawrence Abrams, the creator of BleepingComputer, reached out to the cybercrime groups behind the operation of some of the most prolific and dangerous ransomware threats. Abrams asked a simple question: will you continue to target health and medical organizations during the COVID-19 pandemic? At the time of writing, two had replied and their answers might surprise many readers. The first to respond were the operators of the DoppelPaymer ransomware threat, who told Abrams that they “always try to avoid hospitals, nursing homes.” When attacking local government targets, they “do not touch 911,” although sometimes emergency communications are hit due to network misconfigurations.
Unauthorised access Investigation
We investigate and analyse unauthorised cyber access or hacking incidents such as when someone gains access to your cloud, server or physical device without your permission. Hackers may gain access to your computer or device through security weaknesses, malware or phishing. Once they have compromised your email, banking or social media accounts, they can change passwords preventing you from accessing your account. Scammers often send out messages impersonating and directing people to fake websites, or asking them to send money. Modern attacks are very sophisticated the fake websites may seem to be genuine.
Malware analysis is the study or process of determining the functionality, origin and potential impact of a given malware sample such as a virus, worm, trojan horse, rootkit, or backdoor. Cyber Criminals may use malicious software (or malware) to monitor your online activity and cause damage to the computer. Malware is often downloaded when people open an infected email attachment or click a suspicious link in an email. Malware can also be used to steal your usernames, passwords or other information, which is then forwarded to a third party.
‘Malware’ is a catch all term to describe different types of malware which include viruses, worms, spyware, trojans or bots. Digitpol’s specialised Malware and Virus analysis team trace malware, detect and remove threats and analyse the function and trace data transfer routes.
Sophisticated attacks Investigation
Sophisticated criminals are active daily to exploit vulnerabilities on computers and other devices. Some of the techniques they use include:
- unauthorised access or hacking – when someone gains access to your computer or device without permission,
- malware – malicious software (such as viruses, trojans and spyware) which monitor your online activity and cause damage to the computer,
- denial of service attacks – an attack which floods a computer or website with data, causing it to overload and prevent it from functioning properly. This type of attack is more frequently targeted at businesses, rather than individuals.
DDOS – Denial of service or distributed denial of service attacks Investigation
Cyber attacks are common and often a method seen is a denial of service attack which floods a computer or website with data, which can overload the system or computer and prevent it from functioning properly. Unlike hacking or malware, it generally doesn’t involve access to the computer system. A distributed denial of service (DDoS) attack is a denial of service attack that comes from multiple systems, often a network of compromised computers.
Email Fraud Investigation
Digitpol’s Cyber and Fraud Team are certified fraud and forensic examiners and can deploy to assist with all cases related to email fraud, email spear phishing attacks, email scams and on-line related fraud. Digitpol can deploy forensic examiners to investigate hacking, determine how it took place and report the findings, Digitpol ensures that hackers are not active in your network and ensure your user accounts policies and rules are configured correctly to prevent further attacks.
Phishing Attack Investigation
Phishing attacks, email fraud, scams, online fraud happens in most cases when cyber criminals find ways to hack into the email servers or accounts of small and medium companies, often targeting those with business in Asia countries. Cyber criminals gain access to email accounts and search through email accounts looking for sensitive information such as outstanding, unpaid invoices or data relating to financial transactions and business between supplier, vendor and clients. When cyber criminals identify a sale or a due invoice, the fraudsters then send various fictitious emails from the hacked email account or an email address replicated to the original purporting to be in charge of the sale or due invoice to be paid, the fraudster is then asking for transfers of funds into a nominated bank account, usually giving an excuse that there is a problem at the bank and an alternative account needs to be used. It is common that the nominated account is in the same name as the company name or with a very slight change such as an extra letter. It is common the bank account to be in the same city as the victim or client.
Office 365 Phishing Attack Investigation
Digitpol’s Cyber and Fraud Team are certified examiners and can assist to all cases related to Phishing attacks, email scams and fraud. Digitpol can deploy forensic examiners to investigate the hack, determine how it took place and report the findings, Digitpol ensures that hackers are not active in your network and ensure your user accounts policies and rules are configured correctly to prevent further attacks.
If your company has been targeted by a phishing attack such as Internet Fraud, CEO Fraud or Email Fraud and Scams and funds have been transferred to a bank account, we can help you, but only if you act fast and if you have the proof. If Digitpol is notified in time, Digitpol will assist to stop the funds from been transferred further and assist with all matters such as reporting the crime to the local Police in the region the funds have been transferred to.
Cyberwarfare is the use of technology to attack a nation, causing comparable harm to actual warfare. ‘Cyberwarfare’ does not imply scale, protraction or violence which are typically associated with the term ‘war’. Digitpol’s Cyber Intelligence Team monitors the most serious threats and rogue actors, we collect Cyber Threat Intelligence 24/7.