Online ‘phishing’ attacks expected to target housebound staffers as COVID-19 spreads

The number of “phishing” attacks meant to steal the online credentials of public servants and corporate sector employees now housebound due to the COVID-19 pandemic is on the rise, one cyber security expert warns.

Many attempts are being made against employees who are working from home on virtual private works (VPNs). Cyber experts are still gathering data to establish a direct correlation between the pandemic crisis and the increase in malicious activity.

But Rafal Rohozinski, chief executive officer of the SecDev Group of Companies, said this pandemic moment — when large numbers of employees are at home and receiving instructions from their workplaces on how to connect to internal networks — offers online thieves a “huge opportunity.”

Federal government and corporate sector systems were never designed to support a sudden, mass migration of employees from offices to their homes, he said.

“The opening that creates for those who want to wreak havoc through ransomware and malware is really, really significant,” said Rohozinski. “And I don’t think we’re anywhere near prepared for that.

“What we’re seeing is an increase in phishing being used as a means to get people’s credentials.”

U.S. Health Department attacked

The U.S. Health and Human Services Department’s website was hit by a cyber attack over several hours on Sunday, an incident which involved overloading its servers with millions of hits.

Officials said the system was not penetrated, although media reports in Washington described it as an attempt to undermine the U.S. government’s response to the coronavirus pandemic — and may have been the work of a foreign actor.

Rohozinski said that while the facts are not all in yet, his “professional guess” is that there’s a link between the attack and the COVID-19 crisis.

Last week, Canada’s top military commander warned that he’d seen recent indications the country’s adversaries intend to exploit the uncertainty, confusion and fear generated by the pandemic.

Gen. Jonathan Vance, chief of the defence staff, was not specific about the potential threats — but experts say they could range from hacking to online disinformation campaigns aimed at discrediting the federal government’s response.

Rohozinski said he’s concerned about the federal government’s technical capacity to support thousands of employees on private networks.

“Everybody’s moving on to VPNs. Everybody,” he said. “This is an enormous pinpoint and an enormous vulnerability.”

Federal Digital Government Minister Joyce Murray’s office was asked for a response Monday, but was unable to provide an immediate comment.

Many of the country’s leading information technology companies are part of the Canadian Cyber Threat Exchange (CCTE), a nonprofit centre where companies can swap information and insights. A CCTE spokeswoman said the corporate sector is better prepared to face the challenges posed by the mass movement of employees to home networks.

Still, there is reason for concern.

“Given we are moving people to work from home now, companies need to ensure that the work from home environment is as safe as the corporate environment and that people are trained to notice these phishing campaigns, just like they were in the corporate environment,” said Mary Jane Couldridge, director of business development at the CCTE.

“It’s a matter of keeping our community aware of what is impacting Canada daily so we know how to react to it and prevent it from spreading — and not chase rainbows.”

Most corporations have plans they’ll activate now to cover the wholesale movement of employees to networks outside of the office, she added.

CBC