Google and KPMG Security Experts Share Their Insights on COVID-19 Related Cyber Scams

Google | May 18, 2020

Google and KPMG Security Experts Share Their Insights on COVID-19 Related Cyber Scams
  • Google and KPMG online security observers share their insights for securing accounts and access, even while operating from remote locations.

  • Hackers and other cybercriminals tend to look at crises as opportunities, and COVID-19 has proven to be the mother of all crises as not only are systems .

  • Cyber scams based on COVID-19 have become prevalent in recent months, as hackers look to capitalize on the virus-driven uncertainty affecting individuals, enterprises .


COVID-19 has created previously unthinkable consequences for our society. Organised crime has been quick to respond, mounting large scale orchestrated campaigns to defraud banking customers, preying on fear and anxiety related to COVID-19. Further, as governments prepare stimulus packages in response to the pandemic and begin providing fiscal support to their citizens, the risk of being defrauded by COVID-19 related scams will likely continue to rise. For the financial sector in particular there are great challenges. The industry has already begun to provide an unprecedented response, but are having to work through their own business continuity issues.


The past two months have seen the largest ever migration of individuals to digital platforms and tools in order to stay connected, for both productivity and personal purposes. Millions turned to virtual tools such as videoconferencing apps, many utilizing them for the first time. At the same time, building closures and the rapid shift towards remote working policies left many enterprises and governmental organizations scrambling to ensure adequate measures had been taken to shield confidential data, private servers, and other exposed systems.



Learn more: THE TIME HAS COME TO BRING IN AI, MACHINE LEARNING AND AUTOMATION IN CYBERSECURITY .
 

“Our systems have also spotted malware-laden sites that pose as sign-in pages for popular social media accounts, health organizations, and even official coronavirus maps".

~ Mark Risher, Senior Director for Account Security .


In an era of social distancing, it is fortunate that technology has evolved to a point that many services can be rendered completely online. Yet with each new helpful technological advancement, comes the possibility of introducing new online security risks. Hackers and other cybercriminals tend to look at crises as opportunities, and COVID-19 has proven to be the mother of all crises as not only are systems vulnerable due to quickly changing world circumstances, but everyone is constantly looking to digital means to keep them connected.

“Such prolific fraud attempts out there, realization of what forms these COVID-19 scams take – and how they should be best handled – should be of urgent importance for both the organizations and the people who work for them. “


Fraudsters posing as members of domestic and international health authorities, such as the United States Centre for Disease Control and Prevention (CDC) or the World Health Organisation (WHO), targeting victims with emails including malicious attachments, links, or redirects to “updates” regarding the spread of COVID-19, new containment measures, maps of the outbreak or ways to protect yourself from exposure. Our systems have also spotted malware-laden sites that pose as sign-in pages for popular social media accounts, health organizations, and even official coronavirus maps.During the past couple of weeks, our advanced, machine-learning classifiers have seen 18 million daily malware and phishing attempts related to COVID-19, in addition to more than 240 million COVID-related spam messages.


Right now, everyone is heavily reliant on their laptops or mobile phones to conduct their everyday needs such as online banking, shopping or donating to causes and charities. Criminals are not afraid to take advantage of that,” warned Tan Kim Chuan, Head of Forensic at KPMG in Malaysia. Mark Risher, Senior Director for Account Security, Identity, and Abuse at Google, says Google’s team of cybersecurity experts have encountered coronavirus-related cyber scams aimed at individuals, companies, and government administrations. Our Threat Analysis Group continually monitors for sophisticated, government-backed hacking activity and is seeing new COVID-19 messaging used in attacks, and our security systems have detected a range of new scams such as phishing emails posing as messages from charities and NGOs battling COVID-19, directions from “administrators” to employees working from home, and even notices spoofing healthcare providers.


Learn more: DELOITTE EXTENDS ITS CYBERSECURITY SERVICES BY PARTNERING WITH PALO ALTO .
 

Spotlight

What if your VPN is securing a malware? Is the VPN used to deliver malware securely? Attackers are leveraging insecure VPN connections to access critical data inside the enterprise.

Related News

DATA SECURITY

Palo Alto Networks and PwC Join Forces to Boost Cybersecurity Defenses

prnewswire | October 29, 2020

Palo Alto Networks, the global cybersecurity leader, and PwC today announced an expanded partnership to deliver managed detection and response (MDR) services to joint customers. The offering combines MDR services delivered by PwC — Managed Cyber Defence — and Cortex XDR™ by Palo Alto Networks. Together, customers can take advantage of a state-of-the-art managed threat hunting, protection, detection and response service from anywhere, globally. The Managed Cyber Defence service fuses the power of PwC's global threat intelligence, thousands of hours of incident response expertise, and advisory services with Cortex XDR, the industry's first fully integrated detection and response platform, to provide a unique level of protection with unrivaled visibility and detection capabilities. As a result, security teams can significantly reduce attack dwell time, down to minutes, and manual day-to-day security operations workloads by up to 90%, elevating organizations to a mature security posture. According to Christina Richmond, vice president of Worldwide Security Services research at IDC, "The evolving threat landscape has forced organizations to mature their security capabilities, creating opportunities for PwC to elevate their offerings and provide a blending of managed security/MDR and professional security capabilities." Built to cater to organizations of any size, in any industry, PwC's Managed Cyber Defense reduces response times from what typically takes days to minutes, minimizing the likelihood of an emerging threat manifesting as a breach. Detection of emerging attacker behaviors and pivoted attack scenarios put organizations on a path to proactive defense against "the unknown," while extending protection across on-premises, cloud, virtualized and IoT environments. Cortex XDR is the industry's first extended detection and response platform that runs on integrated endpoint, network, cloud and third-party data to reduce noise and focus on real threats. By combining Cortex XDR with MDR services, customers can relieve the day-to-day burden of security operations and achieve 24/7 coverage, from alert management and investigation to incident response. Colin Slater, cyber security partner at PwC UK, had this to say: "Our unique market insight and trusted relationships with our clients makes us best placed to advise on their cyber challenges. Using this in-depth knowledge, we have meticulously created a service offering to address our clients' pain points. We are excited to work with Palo Alto Networks as the market demands new ways to do detection and response. COVID-19 has spurred a move to remote work at a scale that has left many businesses more vulnerable than ever to cyberattacks because they are less able to respond and recover remotely. PwC's cybersecurity team has responded to several major incursions from nation-state threat groups and mitigated cyber breaches caused by vulnerabilities introduced through transitions to remote work at scale. Preventing these attacks is a core element of the PwC and Palo Alto Networks approach." Shailesh Rao, senior vice president for Cortex at Palo Alto Networks, offered: "We are thrilled to expand our partnership with PwC through the delivery of best-in-class managed detection and response (MDR) services powered by Cortex XDR to our joint customers. More and more enterprise customers have validated PwC's service over the last year in detecting and responding to cyberattacks. The combination of advisory services, analytics, and modern, AI-driven detection and response capabilities and metrics, with visibility across an enterprise's entire infrastructure, is made possible by our unmatched joint Cortex XDR and MDR service offering." About PwC At PwC, our purpose is to build trust in society and solve important problems. We're a network of firms in 157 countries with over 276,000 people who are committed to delivering quality in assurance, advisory and tax services. About Palo Alto Networks Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before. Palo Alto Networks, Cortex, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners.

Read More

SOFTWARE SECURITY

Vulcan Cyber Launches Remedy Cloud, providing thousands of vulnerability fixes with free access

prnewswire | November 04, 2020

Vulcan Cyber, the weakness remediation organization, today declared Vulcan Remedy Cloud, a free assistance based on the world's biggest information base of curated solutions for a huge number of security weaknesses. By sharing the Remedy Cloud library of fixes with the worldwide weakness the board network, Vulcan Cyber gives an amazing asset that smoothes out crafted by remediation by helping security and IT groups all the more viably organize remediation crusades. In related news, Vulcan Cyber today reported Vulcan remediation examination, which adds ground-breaking business insight abilities to its remediation arrangement stage. "Vulnerability management should be a means to an end, but due to process breakdowns there's never an end -- just a growing backlog of vulnerabilities that require remediation," says Yaniv Bar-Dayan, Vulcan Cyber co-founder and CEO. "We've identified a critical breakdown in the process when security teams hand off vulnerability remediation tasks to IT operations teams. Vulcan Remedy Cloud streamlines this workflow by providing both teams with remediation playbooks. This one function is extraordinarily effective at creating cross-team alignment and cooperation. We're proud to offer Remedy Cloud as a free service to our community to help enterprise organizations get fix done." Cure Cloud is an independent, free form of the Vulcan remediation knowledge abilities previously offered through the Vulcan remediation coordination stage. This remediation knowledge is the missing connection for any "found-to-fixed" remediation work process. Vulcan cures incorporate the correct patches, the best design contents, and even workarounds and repaying controls to support security and IT tasks groups rapidly tackle the most troublesome weaknesses. Vulcan remediation knowledge adds endeavor scale remediation arrangements intended to encourage more synergistic and productive remediation by coordinating cures with weakness filter, prioritization, fix and design the executives instruments. Security groups frequently distinguish and organize weaknesses yet the genuine work of remediation is finished by IT tasks, DevOps, and site dependability designing groups. Cure Cloud enables these groups to distinguish and adjust on the most ideally equipped solutions for the work, sparing time and exertion. This Vulcan Cyber freemium offering is important for a more extensive activity to help weakness the board programs become more compelling at driving remediation results. With Remedy Cloud, Vulcan Cyber opens a significant asset to whole infosec and IT people group to advance a "complete fix" outlook. Vulcan Cyber is assisting with quickening the business' move from uninvolved weakness the board to dynamic weakness remediation and robotized digital cleanliness. About Vulcan Cyber Vulcan Cyber has developed the industry's first vulnerability remediation orchestration platform, built to help cybersecurity and IT operations teams to collaborate and "get fix done." The Vulcan platform orchestrates the remediation lifecycle from found to fix by prioritizing vulnerabilities, curating and delivering the best remedies, and automating processes and fixes through the last mile of remediation. Vulcan transforms vulnerability management from find to fix by making it possible to remediate vulnerabilities at scale. The unique capability of the Vulcan Cyber platform has garnered Vulcan Cyber recognition as a 2019 Gartner Cool Vendor and as a 2020 RSA Conference Innovation Sandbox finalist.

Read More

DATA SECURITY

WafCharm on Microsoft Azure Launches Cyber Security Cloud

businesswire | December 01, 2020

Cyber Security Cloud, Inc. (CSC) is pleased to announce the availability of WafCharm on Microsoft Azure. Already available to over one million Amazon AWS users around the world, this launch provides Azure users with AI operation of Web Application Firewall (WAF) rules, expanding WafCharm’s availability to 60% of the world’s cloud users. Microsoft Azure users now have access to the same WafCharm benefits for securing their web applications in the cloud as do their Amazon AWS counterparts. By making WafCharm available on two of the industry’s top cloud platforms, businesses benefit by being able to select the cloud service that best fits their needs while enjoying the ease-of-use WafCharm offers. “WafCharm automates WAF rules using machine learning and big data without requiring security experts to customize the system,” CSC’s CTO, Yoji Watanabe, stated. “With CSC’s expertise in the cloud-WAF industry, Azure users can optimize their cloud functionality and focus resources on their businesses instead of constantly fine-tuning WAF rules to the latest security threats.” WafCharm automatically customizes WAF rules based on their applications and system, and continuously adjusts and manages them. Users can now focus on business operations with fewer security worries as WafCharm takes care of: building, testing and tuning rules; researching vulnerabilities, and creating new rules. “Deploying and operating WAF without a purpose-built tool like WafCharm is a time- and resource-intensive operation. And companies with limited resources are not able to respond immediately when problems happen,” said Yosuke Matsuura, Infrastructure Team Leader of CAST PLATFORM at Hachidori, Inc., developer of chatbot and shift and attendance tools. “With CSC’s WafCharm, we've been able to maximize WAF's security features in a hassle-free way. I highly recommend it to anyone deploying WAF.”

Read More

Spotlight

What if your VPN is securing a malware? Is the VPN used to deliver malware securely? Attackers are leveraging insecure VPN connections to access critical data inside the enterprise.