Get Started Today!  (415) 295-4898

croom new

415 IT Blog

We’re Seeing an Increase in COVID-19-Related Cyberattacks

We’re Seeing an Increase in COVID-19-Related Cyberattacks

Since the beginning of the COVID-19 situation in March, creating a vaccine has been a major priority. True to form, hackers have begun targeting the very organizations responsible for the vaccine trials. There’s a lesson to be learned, today we’ll discuss it.

Cozy Bear

According to the UK’s National Cyber Security Centre, a group with the moniker “APT29” (who is also known as “Cozy Bear” or as “the Dukes”) has started to relentlessly hack organizations tabbed with creating a vaccine for COVID-19. These claims have been corroborated by both US and Canadan authorities, and present a significant roadblock to the progress of COVID-19 vaccine production. 

In fact, the National Cyber Security Centre released a report that goes on to describe APT29’s use of several exploits in conjunction with spear phishing attacks to gain access to CSC’s network and infrastructure. Once network security is breached the organization gets busy deploying malware known as WellMess or WellMail.

CSC has been working with software vendors to patch vulnerabilities. Software that has been patched doesn’t provide the exploitable pathways that often lead to problems. 

Experts believe that this is not the first time APT29 has struck and that this threat should be taken very seriously. The organization is believed to be behind the 2016 hack that broke into the Democratic National Committee’s systems. The group has also been suspected of attacks against various healthcare, energy, government and other organizations.

Spear Phishing 

We relentlessly discuss phishing in our blog, because it is one of the biggest threats to maintaining network security. Most phishing attacks are messages sent randomly, but the spear phishing attack is one that is planned and executed deliberately to target one person. Hackers look for a weak link and try to take advantage of it. 

While your organization probably won’t be targeted by major hacking collectives, it is still important that you and your staff know how to identify a phishing attack and what to do if you suspect you are being attacked. Here are a few tips:

  • Always check the details. Legitimate emails are sent from legitimate email addresses. Take a look at the email address of suspect emails and you’ll likely see a potential ruse. 
  • Proofread the message. Most business correspondence is proofread before it is sent. If the spelling and grammar looks as suspect as the email is, it’s likely illegitimate.
  • Reach out. If there is any question, reach out to the organization/person sending the message. The more you know, the less likely you will fall for a scam. 

Identifying phishing attacks has to be a major point of emphasis for your company. Call 415 IT today at (415) 295-4898 for help with getting the resources you need to properly train your team. 

Data Services Your Business Should Be Using
Your Business Needs a Well-Structured Mobile Devic...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, September 21 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to

Mobile? Grab this Article

QR Code

Tag Cloud

Security Tip of the Week Productivity Technology Business Computing Best Practices Data Backup Data IT Support Network Security Privacy Hosted Solutions Cloud IT Services Data Recovery Efficiency Internet Email Software Business Malware Managed IT Services Outsourced IT Innovation Small Business Collaboration Hackers Google Business Management Tech Term Cybersecurity Cloud Computing Hardware Upgrade User Tips Phishing Business Continuity Computer Windows 10 Microsoft Managed Service Mobile Devices Smartphone VoIp Workplace Tips Communication Mobile Device Quick Tips Android Managed Service Provider Ransomware Disaster Recovery Backup Paperless Office Covid-19 Smartphones Encryption Communications Office 365 Business Technology Remote Work Saving Money Browser Data Management Server Managed IT Network Remote Monitoring BDR Artificial Intelligence Holiday Vulnerability Wi-Fi Document Management Users Social Media Healthcare Internet of Things Compliance Passwords Windows 7 Chrome Help Desk Government Save Money Facebook Miscellaneous Laptops Applications Microsoft Office Blockchain Managed IT services Data Security Project Management Vendor Management Avoiding Downtime Virtualization Two-factor Authentication Analytics Redundancy Antivirus Scam Bandwidth Processor Health Office Automation Tip of the week Employer-Employee Relationship Information Regulations IoT Proactive IT Management Gadgets Meetings Hard Drive Data Loss Customer Relationship Management Mobile Office Maintenance Storage Router VPN Machine Learning BYOD Employee-Employer Relationship Files Access Control Website Virtual Private Network Infrastructure Windows Apps Company Culture Mobility Software as a Service OneDrive Training RMM Dark Web Augmented Reality Internet Exlporer Management Smart Technology Social Network Computing Monitoring File Sharing Assessment Alert Remote Worker Remote Monitoring and Management Network Management Password Financial Operating System Consultation Bring Your Own Device Flexibility HIPAA Utility Computing Mobile Security Employees Co-Managed IT Networking Electronic Health Records Unified Communications Instant Messaging Time Management File Management Search Consulting Downtime Gmail Payment Cards The Internet of Things Recycling Cooperation Unified Threat Management Managed Services Provider Risk Management Information Technology Remote Workers Money Net Neutrality Managed Services Word Professional Services Tablet Server Management Data Storage Patch Management Data Breach Settings Personal Information Budget Downloads Human Error Managing Stress 5G Mobile VoIP Credit Cards Printing Chatbots Authentication Manufacturing Vendor E-Commerce Nanotechnology Theft Wires Google Calendar Fraud Virtual Assistant Bitcoin Address Gamification WiFi Mirgation Alerts Websites Batteries CRM Mobile Computing Electronic Medical Records GDPR Digitize Transportation Active Directory OneNote Spam Permission Enterprise Content Management Virtual Reality Wireless Internet Big Data Computers Techology Wearable Technology Star Wars Travel Identity Theft Authorization Enterprise Resource Planning Firewall Smart Devices Windows Server 2008 Features App Wasting Time Current Events Politics Cache Comparison Licensing SaaS CIO applications Content Filtering Geography Shadow IT Technology Laws Windows Server Emergency Multi-Factor Security How To Social Networking Test Data Warehousing Employer/Employee Relationships Apple Outlook Holidays Disaster Resistance Private Cloud Technology Tips Outsource IT Printer WPA3 Identity Distributed Denial of Service Touchscreen Hacking Hard Disk Drives Sensors Screen Reader Procurement Legislation Database Remote Computing Specifications Remote Modem High-Speed Internet Notes Outsourcing Unified Threat Management Heating/Cooling User Management Peripheral G Suite Operations Proactive Maintenance Solid State Drive Shortcut IT Proactive IT Tech Support Bookmarks ROI Digital Payment Hotspot Laptop Fleet Tracking Zero-Day Threat Mobile Managed IT Service Trending Solid State Drives Optimization Cyberattacks Smart Tech Social Voice over Internet Protocol Projects Customer Service Black Friday Statistics Value of Managed Services Lenovo Banking Mobile Device Management Development PowerPoint Display Video Conferencing Language Servers Teamwork Samsung PCI DSS Motherboard Wireless Chromebook Cybercrime Cyber security Business Telephone IT Consulting IT Technicians Favorites Cost Management Mouse Return on Investment Remote Working SharePoint Asset Tracking Backup and Disaster Recovery Break Fix Options Telephone Virtual Machines Read Only Connectivity Security Cameras MSP Migration Finance eWaste Cyber Monday Staff Bluetooth Superfish Point of Sale Cookies Tech Terms Cables Permissions Recovery Mail Merge Biometric User Error Computing Infrastructure Shared resources Going Green Vulnerabilities Microsoft Excel Database Management IT Assessment Conferencing Printers Marketing Education Regulation CEO Students Daniel Stevens Twitter

Latest Blog

Did you know that, as of July 2020, 69 percent of global desktop Internet users utilized Google Chrome as their browser of choice? With such a large market share, the security associated with Google Chrome is important to keep in mind. To help increase some of this awareness...

Latest News

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...