Google and KPMG Security Experts Share Their Insights on COVID-19 Related Cyber Scams

  • Google and KPMG online security observers share their insights for securing accounts and access, even while operating from remote locations.

  • Hackers and other cybercriminals tend to look at crises as opportunities, and COVID-19 has proven to be the mother of all crises as not only are systems .

  • Cyber scams based on COVID-19 have become prevalent in recent months, as hackers look to capitalize on the virus-driven uncertainty affecting individuals, enterprises .


COVID-19 has created previously unthinkable consequences for our society. Organised crime has been quick to respond, mounting large scale orchestrated campaigns to defraud banking customers, preying on fear and anxiety related to COVID-19. Further, as governments prepare stimulus packages in response to the pandemic and begin providing fiscal support to their citizens, the risk of being defrauded by COVID-19 related scams will likely continue to rise. For the financial sector in particular there are great challenges. The industry has already begun to provide an unprecedented response, but are having to work through their own business continuity issues.


The past two months have seen the largest ever migration of individuals to digital platforms and tools in order to stay connected, for both productivity and personal purposes. Millions turned to virtual tools such as videoconferencing apps, many utilizing them for the first time. At the same time, building closures and the rapid shift towards remote working policies left many enterprises and governmental organizations scrambling to ensure adequate measures had been taken to shield confidential data, private servers, and other exposed systems.



Learn more: THE TIME HAS COME TO BRING IN AI, MACHINE LEARNING AND AUTOMATION IN CYBERSECURITY .
 

“Our systems have also spotted malware-laden sites that pose as sign-in pages for popular social media accounts, health organizations, and even official coronavirus maps".

~ Mark Risher, Senior Director for Account Security .


In an era of social distancing, it is fortunate that technology has evolved to a point that many services can be rendered completely online. Yet with each new helpful technological advancement, comes the possibility of introducing new online security risks. Hackers and other cybercriminals tend to look at crises as opportunities, and COVID-19 has proven to be the mother of all crises as not only are systems vulnerable due to quickly changing world circumstances, but everyone is constantly looking to digital means to keep them connected.

“Such prolific fraud attempts out there, realization of what forms these COVID-19 scams take – and how they should be best handled – should be of urgent importance for both the organizations and the people who work for them. “


Fraudsters posing as members of domestic and international health authorities, such as the United States Centre for Disease Control and Prevention (CDC) or the World Health Organisation (WHO), targeting victims with emails including malicious attachments, links, or redirects to “updates” regarding the spread of COVID-19, new containment measures, maps of the outbreak or ways to protect yourself from exposure. Our systems have also spotted malware-laden sites that pose as sign-in pages for popular social media accounts, health organizations, and even official coronavirus maps.During the past couple of weeks, our advanced, machine-learning classifiers have seen 18 million daily malware and phishing attempts related to COVID-19, in addition to more than 240 million COVID-related spam messages.


Right now, everyone is heavily reliant on their laptops or mobile phones to conduct their everyday needs such as online banking, shopping or donating to causes and charities. Criminals are not afraid to take advantage of that,” warned Tan Kim Chuan, Head of Forensic at KPMG in Malaysia. Mark Risher, Senior Director for Account Security, Identity, and Abuse at Google, says Google’s team of cybersecurity experts have encountered coronavirus-related cyber scams aimed at individuals, companies, and government administrations. Our Threat Analysis Group continually monitors for sophisticated, government-backed hacking activity and is seeing new COVID-19 messaging used in attacks, and our security systems have detected a range of new scams such as phishing emails posing as messages from charities and NGOs battling COVID-19, directions from “administrators” to employees working from home, and even notices spoofing healthcare providers.


Learn more: DELOITTE EXTENDS ITS CYBERSECURITY SERVICES BY PARTNERING WITH PALO ALTO .
 

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va


Other News
Cloud Security

Checkmarx Announces Technology Partner Program to Enable the Industry's Most Extensible, Code-to-Cloud Enterprise AppSec Ecosystem

PR Newswire | October 19, 2023

Checkmarx, the industry leader in cloud-native application security for the enterprise, today announced its Checkmarx Technology Partner program, enabling organizations to easily extend the leading AppSec platform with a wide range of technology partner capabilities. The combination of best-of-breed technology partners with the leading enterprise AppSec platform helps organizations shift everywhere, from code to cloud, with a unified AppSec posture integrated into the software development life cycle (SDLC). Checkmarx' Technology Partner Program helps organizations simplify management across their AppSec programs, get more value out of existing AppSec solutions and drive better security outcomes. Providing broad support for greater AppSec maturity throughout the entire SDLC, the Checkmarx Technology Partner program enables partners and their customers to centralize and simplify discovery in these key areas through Checkmarx One: Vulnerability and risk management systems: Aggregate, normalize and prioritize vulnerabilities and risks with a unified, holistic view with partners like ArmorCode, Brinqa and ServiceNow. SDLC tools: Integrate AppSec at all stages of the software development lifecycle within the environments and tools used daily by analysts, developers and testers with partners like GitLab, JetBrains and Security Compass. Cloud and runtime security: Match cloud assets at runtime with application source code projects so that vulnerabilities found in the developer source code are enriched with runtime context, and runtime cloud security inventories are enriched with AppSec findings – all possible through partners like AWS, Cisco Panoptica and Sysdig. Emerging technologies: Work with the most innovative startups and technologies including AI and GenAI to shape tomorrow's AppSec solutions landscape with partners like Mobb.ai. Expanding this ecosystem simplifies the process of mitigating AppSec risk for our partners' customers, making their applications exponentially more secure during a time of escalating threats, said Kobi Tzruya, Chief Research and Development Officer at Checkmarx. From protecting AI-generated code to helping build trust between developers and security teams, Checkmarx One is already the AI-driven, enterprise-ready AppSec platform of choice. Now working with other leading technology companies to meet the need for streamlined, consolidated solutions will make life easier and applications safer for everyone. Checkmarx recently announced Sysdig as its latest technology partner, bringing runtime container insights into Checkmarx One so organizations can prioritize vulnerabilities associated with container packages that are actually running and that pose the most risk. "The top application security vendors have a responsibility to team up to provide more robust and complete solutions for the world's enterprises," said Bryan Smoltz, VP of Technology Alliances at Sysdig. "By delivering runtime insights within Checkmarx One, customers have clear visibility into the workloads that are running in production so they can make better-informed security decisions. Together, we're helping to bring maximum protection at cloud speed." Technology partners also benefit from the program with new marketing and sales opportunities, and by making their solution readily accessible to Checkmarx' more than 1,800 customers, including 60% of the Fortune 100. The Checkmarx One platform scans more than 100 billion lines of code monthly and its world-renowned Checkmarx Labs security research team provides ongoing threat intelligence to inform product development and to advise customers of their best defenses in today's threat landscape. For more information about becoming a Checkmarx Technology Partner, visit this page. Click here to explore the Checkmarx One partnership ecosystem. About Checkmarx Checkmarx is the enterprise application security leader and the provider of Checkmarx One™, the industry-leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Powered by the intelligence from our industry-leading AppSec security research team, and our AI-driven technology and services, our platform is designed to enable CISOs, AppSec and development leaders to prioritize their teams' focus on what impacts their business. Our offerings secure every phase of development for every application, from the very first line of code through production, while simultaneously balancing the dynamic needs of security and development teams. It's no longer just about shifting left or right - it's about shifting everywhere. We are honored to serve more than 1,800 customers, which includes 60 percent of all Fortune 100 organizations. We are committed to moving forward with unwavering dedication to the safety and security of our customers, and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.

Read More

Cloud Security

Tigera Boosts Calico for Enhanced Security & Performance

Tigera | November 07, 2023

Tigera, a provider of an active security platform for containers and Kubernetes, has announced significant upgrades to its Calico Open Source and Calico Cloud. These improvements focus on enhancing the security, scalability, and performance of Kubernetes deployments for enterprises, providing a comprehensive solution for containerized environments. Given the increased utilization of Windows containers in production, Tigera has introduced the Calico Open Source Windows HostProcess Container feature. It streamlines node pool deployment, eliminating the need for manual node initialization and enhancing Kubernetes administrators' ability to manage Windows container-based applications efficiently. Calico Cloud now introduces a Security Score and Recommended Actions feature, addressing the paramount importance of security in Kubernetes clusters. This feature offers administrators an at-a-glance view of their organization's security posture by monitoring historical trends and risks by namespace. Moreover, it provides actionable recommendations tailored to each workload, fortifying the security of individual workloads and the entire cluster. It supports IPv6 for the eBPF dataplane, meeting the demands of enterprise-class applications by providing scalable, high-performance networking. This innovation ensures optimal performance for latency-sensitive applications and addresses IP shortages. Multi-cluster Kubernetes deployments over VxLAN are on the rise, requiring enhanced application layer observability and security. Calico introduces Kubernetes Cluster Mesh for VxLAN, offering a scalable solution for workload communication and security policy enforcement across Kubernetes clusters. This simplifies complex multi-cluster environments and ensures enterprise infrastructure can run efficiently, securely, and compliantly. These Calico enhancements redefine container networking and security, enabling enterprises to secure, scale, and optimize their Kubernetes clusters with unparalleled confidence. Tigera's Chief Product Officer, Amit Gupta, emphasized the importance of these updates, stating that Calico provides the industry's most complete solution for securing and observing Kubernetes environments. About Tigera Tigera provides the industry's sole active security platform, complemented by comprehensive observability capabilities tailored for containers and Kubernetes. The company's platform operates on a multifaceted front, effectively thwarting, identifying, troubleshooting, and autonomously mitigating potential security breach risks. It offers its platform through two distinct avenues: a fully managed SaaS solution, Calico Cloud, or a self-managed service, Calico Enterprise. Its open-source offering, Calico Open Source, is the most widely adopted solution for container networking and security, shaping the landscape of secure container environments.

Read More

API Security

Salt Security, CrowdStrike Expands Partnership with New Integration

Salt Security | September 20, 2023

Salt Security, a prominent API security company, has announced the expansion of its partnership with CrowdStrike, a leading cybersecurity technology company providing cloud workload and endpoint security, cyberattack response, and threat intelligence services. This expansion involves the integration of the Salt Security API Protection Platform with the widely recognized CrowdStrike Falcon Platform. Roey Eliyahu, Co-founder and CEO of Salt Security, stated, Protecting against API threats requires deep visibility and robust runtime protection. We’re excited to bring our unique strengths in API security to the CrowdStrike customer base with this new integration. Together with CrowdStrike, Salt can provide organizations with extended runtime protections and posture management across the cloud and application landscapes. [Source – Cision PR Newswire] Through this integration, customers gain access to a comprehensive 360-degree view of API security risks, particularly focusing on the application-layer attack surface. This integration is accessible via the CrowdStrike Marketplace and provides valuable API threat intelligence. It also enhances cross-organization API security capabilities by streamlining and enhancing the workflows related to API auditing, monitoring, and enforcement. The partnership between Salt Security, offering top-notch API runtime monitoring and AI-driven insights, and CrowdStrike, renowned for its award-winning AI-powered protection, provides organizations with complete visibility into their API attack surface. This integration also offers valuable context regarding the severity of threats in relation to business-critical aspects. With this partnership, customers benefit from: API vulnerability and threat context API threat mitigation API threat management automation The patented Salt API security platform stands out for its utilization of cloud-scale big data, artificial intelligence (AI), and machine learning (ML). These technologies work in tandem to automate the process of discovering and cataloging an organization's entire set of APIs. Salt plays a crucial role in pinpointing areas where APIs might expose sensitive data. This proactive approach aids enterprises in recognizing and mitigating potential API threats while also reinforcing their overall API security. Gur Talpaz, Head of Falcon Fund and Vice President of Corporate Development at CrowdStrike, said, With APIs now a prime target for malicious actors, securing them requires a comprehensive and diligent approach. Through this joint integration, we can harness the mature AI-driven intelligence of the Salt API security platform with our widely deployed Falcon platform, giving organizations complete visibility into their application-layer attack surface and a detailed understanding of their application threat landscape. [Source – Cision PR Newswire] About Salt Security Salt Security is a leading API security company that safeguards the APIs at the core of all modern applications. Its API Protection Platform is the sole API security solution that integrates the power of cloud-scale big data with time-tested machine learning and artificial intelligence to detect and prevent API attacks. Salt provides extensive context, real-time analysis, and continuous insights for API discovery, hardening APIs, and attack prevention by correlating the activities of millions of APIs and users over time.

Read More

Software Security

SCYTHE Latest Version 4.1 Introduces Enhanced Deployment Flexibility and AI-Driven Productivity Boost

Business Wire | November 02, 2023

SCYTHE, a leading provider of cybersecurity solutions, announces the release of SCYTHE 4.1, the latest evolution in its cutting-edge cyber resilience offering. This release brings new and enhanced features to empower organizations in their continuous efforts to strengthen their cybersecurity posture. SaaS Offering for Unparalleled Flexibility SCYTHE 4.1 introduces its initial Software as a Service (SaaS) offering, providing organizations with newfound deployment flexibility. This SaaS option offers the same robust capabilities as the on-premises version, ensuring that teams can choose the deployment model that best suits their needs without pricing changes. SCYTHE's commitment to flexibility ensures that organizations can secure their infrastructure on their terms. Advanced Agent Support with Scheduling for Continuous Testing To unlock even greater control over security testing, SCYTHE 4.1 introduces advanced agent support with scheduling. This feature allows organizations to perform continuous testing by automating the deployment and execution of security assessments at specified intervals. With the power of scheduling, teams can proactively identify threats, assess controls, and evaluate their readiness to respond to cyber threats. SCYTHE empowers organizations to maintain the highest level of cyber resilience without manual intervention. Cloppy - Your AI-Powered Security Analyst In a significant leap forward, SCYTHE unveils the early access beta release of "Cloppy," its supervised machine learning (ML)-based AI analyst chatbot. Cloppy enhances team productivity, job satisfaction, and cybersecurity capabilities by delivering instant insights and recommendations. This AI-driven assistant will leverage private knowledge base instances, ensuring sensitive information stays secure. Cloppy is poised to become a trusted companion for security professionals, providing real-time guidance and augmenting their decision-making processes. As cyber threats continue to evolve, so must our approach to cybersecurity. SCYTHE 4.1 represents our commitment to innovation and empowering organizations to stay ahead of cyber adversaries, said Marc Brown, Head of Product at SCYTHE. With our SaaS offering, advanced agent support, and the introduction of Cloppy, we're equipping organizations with the tools they need to enhance their cyber resilience while simplifying offensive security. SCYTHE 4.1 Platform is now available for both new and existing customers. For more information on SCYTHE's comprehensive cyber resilience solutions, please visit https://scythe.io. About SCYTHE SCYTHE represents a paradigm shift in cybersecurity risk management, empowering organizations to Attack, Detect, and Respond efficiently. The SCYTHE platform enables collaboration between red, blue, and purple teams to build and emulate real-world adversarial campaigns. SCYTHE's innovative dual-deployment options and comprehensive features ensure a proactive cybersecurity approach. Headquartered in Arlington, VA, SCYTHE is privately funded by distinguished partners dedicated to shaping a more resilient cybersecurity landscape.

Read More

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Resources