Security News

The most common form of surveillance implemented to battle the pandemic is the use of smartphone location data, which can track population-level movement down to enforcing individual quarantines. Some governments are making apps that offer coronavirus health information, while also sharing location information with authorities for a period of time.

Since that wave of panic, United States intelligence agencies have assessed that Chinese operatives helped push the messages across platforms, according to six American officials, who spoke on the condition of anonymity to publicly discuss intelligence matters. The amplification techniques are alarming to officials because the disinformation showed up as texts on many Americans' cellphones, a tactic that several of the officials said they had not seen before.

A Vietnam-linked threat actor tracked as APT32 is believed to have carried out intrusion campaigns against Chinese entities in an effort to collect intelligence on the COVID-19 crisis, FireEye reports. A state-sponsored hacking group also known as OceanLotus and APT-C-00, APT32 is believed to be well-resourced and determined, and was previously observed targeting corporate and government organizations in Southeast Asia.

According to Google's Threat Analysis Group, more than a dozen nation-state-backed APTs are using the COVID-19 pandemic as a cover for their various cyberespionage and malware activities. The email had an embedded tracking link, which Mandiant researchers said contained the victim's email address and a code to report back to the actors if the email was opened.

Hackers working on behalf of the Vietnamese government attempted to break into Chinese organisations heading up the country's coronavirus response, according to infosec outfit FireEye. APT32, a hacking group previously linked to the Vietnamese government, tried to access the personal and professional email addresses of staff at China's Ministry of Emergency Management and the government of Wuhan, where it is believed the pandemic started, according to a report released by FireEye yesterday.

Google on Wednesday warned that nation-backed hackers are exploiting the coronavirus pandemic to target health care organizations and those working to fight the pandemic. A security team tasked with defending against government-backed cyberattacks on Google and its users said it identified more than a dozen state-sponsored groups using COVID-19 themes as bait in phishing and malware traps.

A data breach at the agency in charge of providing financial relief to small businesses during the COVID-19 crisis may have exposed sensitive information of 8,000 business that applied, and may delay payouts, a government official said. The Small Business Administration, which oversees the Economic Injury Disaster Loan program, has notified applicants of the potential data leak, according to a published report by CNBC. EIDL is aimed at helping small businesses weather the economic fallout from shutdowns and the resulting loss of business during the pandemic.

Don Smith, the firm's senior director of cyber intelligence, told The Register: "The threat level is pretty much constant but the actors have significantly shifted their focus, their lures and their phishes to almost exclusive focus on COVID-19," adding: "But that's just the same lures and phishes that would have been coming out with a different subject matter four months ago." "Because of the global appeal of COVID-19 and the longevity of it, everyone's kind of converged on the same theme at the same time," he said.

As more governments consider the use of contact tracing apps to prevent the spread of coronavirus, researchers say privacy will have to be at the forefront of efforts in order for civilians to use it. Rachael Falk, CEO of the Cyber Security Cooperative Research Centre, said with a serious public health crisis like the COVID-19 pandemic, digital contact tracing is helpful as positive cases need to be identified quickly, and particularly if the patients involved are unable to communicate with those who they come into contact with.

Fears over data leaks from remote workers are not only founded, they're much worse than anticipated, said the International Association of IT Asset Managers. The International Association of IT Asset Managers is warning that at-home work due to the COVID-19 pandemic is leading to a spike in data breaches that's greater than anticipated.