I have spent a bulk of the day trying to scour all of the Cybersecurity news headlines to see if there is anything different other than Coronavirus.  Unfortunately, there isn’t anything else out there, it is all the same thing, as to how Cyberattackers are using this horrible situation to capitalize upon the fears, anxieties, and panic of what is not only happening here but around the world.

From what I have been reading through all of these headlines, it all is pretty much coming down to one thing:  It all comes down to using different forms of Phishing attacks.  When one thinks of Phishing, normally the thought of receiving of a phony Email from PayPal or from some charity often comes to mind.  But the Cyberattacker has gone far beyond this.

For instance, as I wrote in a previous blog some weeks ago, Cyberattackers can easily purchase Phishing based templates and even rent out “Phishing as a Service” on the Dark Web for literally pennies on the dollar (we will be talking more about the Dark Web here in a little bit).  There are spoofed websites that look so real that even trained Cybersecurity professionals have a hard time discerning what is real and what is fake.

But in the wake of the Coronavirus, Cyberattackers today are crafting their Emails not so much directing victims to spoofed financial websites, but rather to other fake websites that claim to offer real time information and tips on how to protect yourself and help stop the spread of the Coronavirus.  Of course, you can’t just download these materials, you have to submit your username and password, and once you have given that, then the damage is pretty much done.

Also, there are tons of fake ads coming out on the Social Media sites advertising for cures and vaccines that have come out for the Coronavirus.  Keep in mind that these are not the deals, and if you get them, one of two things will happen: 1) You will either lose all of your money, or 2) If you have paid and receive something, it will some kind of concoction that is not known, and will probably be poisonous to drink.

Keep in mind that there are some real vaccines that have come out, but they are still being tested, and have not even been tested on humans yet.  They first have to be tested on animals, and from there, if the tests prove promising, only then will they advance to the human being stage.  But even coming out with a real vaccine that will be available on a global basis is still at least 12-18 months away.  But apart from this, the Cyberattacker is also using Social Engineering techniques resorting to making fake calls, and even fake text messages.

In all of this mass hysteria and craziness, the World Health Organization (WHO) and other leading health related agencies have asked the Cyberattackers of the world to ease back and not to take advantage of this precarious situation.  An believe it or not, yes, there is a human and empathetic side to the Cyberattacker, and they do appear that they will back down.

This is based from a formal research that was conducted by a Cybersecurity firm known as Digital Shadows, noticed some of the following trends that they noticed on the Dark Web:

*There are forums and message boards that are popping up asking for Cyberattackers not to profit illegally during this pandemic;

*Expressing a sense of solidarity and support for all of the countries around the world that have been afflicted with the Coronavirus;

*Yes, believe it or not, there are even legitimate postings out there on how to really protect yourself from the Coronavirus.

In fact, the illustration below demonstrates the increased level of activity with regard to Coronavirus searches on the Dark Web:

(SOURCE:  https://www.securitymagazine.com/articles/91941-digital-shadows-report-dark-webs-reaction-to-covid-19)

It is important to note that the search terms in compiling this data were either “Coronavirus” or “COVID-19”.  The diagram up above represents a dramatic 738% increase in the usage of these search terms on the Dark Web.  Experts at Digital Shadows don’t think there is really to noteworthy about this trend, this interest has only spiked just because it has received so much of attention in the news media outlets.

Here are some other trends that the team at Digital Shadows have discovered on the Dark Web:

*There are also have bee many forum postings from Cyberattackers as to how their respective countries are faring in this crisis.  For example, one such forum, known as “Torum”, has been flooded with comments from Cyberattackers as to how their families and friends are doing in the European Union, especially in those countries of Spain and Germany.

*There have been postings on other Dark Web forums as even to the lack of empathy and sympathy for the victims who have been afflicted by the Coronavirus.

*There are other Dark Web forums, known as the “BlackHat World”, the “Cracking King” and the “Cracking Soul”.  There are Cyberattackers even here posting content with concerns for their counterparts in other parts of the world as well, especially those in Italy and asking the hacking community to take special care of their elderly family members.

*On other forums, there have even been discussions about how the Cyberattacker community needs to come together to aid those most in need.

In fact, there was one Cyberattacker who posted on a forum as to what the best way to take advantage of this situation is, and yes, he was booed by large numbers by his fellow community and I think was even kicked off the forum permanently.  But overall, the trend on the Dark Web appears that Cyberattackers are urging their “colleagues” to totally back off, and not take advantage of this already fluid and precarious situation.

My Thoughts On This

There have even been some Cyberattacking groups that have publicly acknowledged that they will not launch any new threat variants, at least not against healthcare organizations and healthcare facilities.  But that does not mean that they won’t attack other targets as well.  In this time of despair, I am actually making a personal plea to the hacking community: 

Come over to the good side.  Use your deep founded skills and knowledge in protecting the people of the world, and not make them suffer any more during this time of great need.

Use all of your skills and knowledge to help scientists around the world to help the scientists and doctors around the word.  True your skills are probably computer and technology related, but people need that in coming up with a cure.  You can help the medical community to enhance their computer systems, and even introduce new processes that can comb through large amounts of datasets and even automate them.

Remember in the end, we are all citizens of this world.  We all must come together to serve in the common good of fighting off this virus so that are populations can live longer, and make this world just that much a better and productive place to live in.