With a news cycle dominated by the COVID-19 pandemic and racial tensions spilling over in the US, it is easy to have missed some of the things that have been happening in tech and security over the past few months.
Coronavirus has led to increasing cyberattacks
As COVID-19 spreads worldwide, a new wave of phishing and malware attacks looking to exploit the pandemic has been unleashed. According to researchers, over 4,000 domains related to Coronavirus have been created, of which 3 percent are malicious and 5 percent are considered suspicious. One such attack is a spoofing campaign using the domain of the World Health Organization.
The move from office to work from home to ensure business continuity means that employees have been using personal, unmanaged devices to access confidential resources without any security purview. This has opened companies to the risk of data loss and breaches. Governments have issued warnings to remote workers to better understand how to protect themselves from attack, however, many campaigns are so sophisticated that users might not be aware they have been hacked.
According to one source, banking trojan Trickbot has targeted Italy, with users receiving spam with email subject lines that attract attention discussing Coronavirus updates. The attachment is actually a malicious script to deliver a new Trickbot variant.
Healthcare data breaches spike
Hacking groups are targeting the healthcare industry in full force while workers are focused on patients and care. The number of healthcare data breaches in 2020 has doubled in the past few months. As of March, the US Department of Health and Human Services’ HIPAA Breach Reporting Tool listed 105 breaches affecting more than 2.5 million people. Ryuk Ransomware continues to target medical facilities. Healthcare departments, both private and public, are hiring IT security firms to bolster their defences against malware and ransomware.
5 billion records exposed
More than 5 billion records were exposed in the United Kingdom due to an unprotected Elasticsearch database. The unprotected database was discovered by a security researcher and he found security incidents extending back 7 years, including hash types, leaked dates, passwords, email addresses, email domains and leaked sources.
Financial records leaked
An Amazon S3 database left unsecured due to a cloud configuration error, has exposed 425GB of financial records to the Internet. The exposed data included highly sensitive financial information, including credit reports, bank statements, driving license numbers, bank cheque details, bank account information, tax returns, and more. The exposed database was linked to a mobile financial app called MCA Wizard, which was launched in 2018, but has been made obsolete.