Security News

Cybercriminals aren't sparing medical professionals, hospitals and healthcare orgs on the frontlines of the coronavirus pandemic when it comes to cyberattacks, ransomware attacks and malware. Researchers have shed light on two recently uncovered malware campaigns: one targeting a Canadian government healthcare organization and a Canadian medical research university, and the other hitting medical organizations and medical research facilities worldwide.

A memo sent out this week to all NASA personnel warns that the agency has seen a significant increase in cyberattacks, including phishing and malware attacks, while its employees work remotely during the COVID-19 outbreak. The memo, obtained by space news website SpaceRef, reveals that the number of email phishing attempts doubled in the past few days and there has been an "Exponential increase" in malware attacks on NASA systems.

Among the 411 IT and security professionals surveyed by Check Point and Dimensional Research, 71% said they've seen an increase in security threats or attacks since the start of the COVID-19 outbreak. Some 56% pointed to the task of securing remote access as the top challenge, 55% mentioned the need for remote access scalable solutions, and 47% pointed to remote workers finding and using untested tools and services.

Robert Lee, founder and CEO of Dragos, discusses the dangers cyberattacks pose to critical industrial infrastructures. Dan Patterson: What do we mean when we talk about this abstract idea of infrastructure and connected infrastructure?

Robert Lee, founder and CEO of Dragos, discusses the dangers cyberattacks pose to critical industrial infrastructures.

Cybercriminals are increasingly directing targeted attacks at specific organizations or individuals, says security provider Positive Technologies. In 2019, the number of targeted attacks outpaced the number of mass attacks, showing that bad actors are adopting a more focused strategy, according to Positive Technologies.

A few days earlier, the U.S. Department of Health and Human Services suffered a DDoS attack, assumed to have been launched by a hostile foreign actor, aimed at slowing down the agency's services amid the government's rollout of a response to coronavirus. During an unprecedented time of peak traffic, the risk of a DDoS attack is growing exponentially.

World Backup Day is March 31, and while cyberattacks are a potential threat to their data, many SMBs say they don't have a data backup or disaster recovery process, according to data protection company Infrascale. Among them, 49% said that cyberattacks are their biggest concern when it comes to protecting data, while 58% pointed to security vulnerabilities as their biggest data storage challenge.

Though Tupperware never responded to multiple attempts at contact by researchers, as of March 25, after research was publicly disclosed detailing the card skimmer, the malicious code was removed from the homepage. Researchers first came across the card skimmer during a web crawl, when they identified a suspicious iframe - responsible for displaying the payment form fields presented to online shoppers - that was loaded on the Tupperware[.

SEE: Security Response Policy The report, "The Global State of Industrial Cybersecurity," which includes responses from full-time IT pros in the US, UK, Germany, France, and Australia, found that business security leaders in the US are more concerned about the security of their industrial OT systems than are leaders in other nations. The data also showed that global IT security professionals have a more positive overall outlook about their OT network security compared with their counterparts in the US. About 62% of the global IT respondents said they believe that industrial OT networks are properly safeguarded, compared to only 49% of US respondents.