Cyberattackers Are Targeting Organizations Aiding In Covid-19 Response
It has recently been discovered that cyberattacker threats are targeting organizations involved in the global Covid-19 response, according to the UK’s National Cybersecurity Centre and US’ Cybersecurity and Infrastructure Security Agency. Industries that are being targeted include healthcare, academic institutions, medical organizations, and pharmaceuticals.
It was discovered that APTs, or Advanced Persisted Threat groups, pose the greatest cyberthreat to these organizations. APTs are nation or state sponsored groups that aim to infiltrate into computer networks and remain undetected with malicious intent.
Why are these organizations being targeted?
These organizations often collect sensitive information including personal names and medical history in their efforts against Covid-19. The goal of many of these cyberattacks is to gain access to this sensitive information. Using APTs to gain access to this information is beneficial to their own research.
There are several vulnerabilities that are being exploited by APTs to gain access to these organizations’ networks. Firstly, the security hole named CVE-2019-19781 allows for cyberattackers to gain access to sensitive information and execute arbitrary code through a Citrix device.
Next, several vulnerabilities in VPN products from Fortinet, Pulse Secure, and Palo Alto are still relevant today despite having been patched last year. This is because a device that has not had the latest security update applied would still be vulnerable to these known security flaws. Some of these security holes include CVE-2018-13382, which allows a malicious actor to edit a VPN password without authentication, and CVE-2018-13380, which allows cross-site scripting.
Finally, malciious actors are using a strategy called “Password Spraying” to try to infiltrate Covid-19 response organizations. In this type of attack, cyberattackers attempt to guess a user’s password through trial-and-error of the most commonly used passwords, similarly to brute force attacks.
GIGE IT Solutions ensures that your organization is protected against malicious attacks from cybercriminals. Don’t leave your network open to attack – call us at +1 888 366 4443 or firstname.lastname@example.org for a consultation on the best ways to protect yourself today.