Coronavirus: Cyber Threats On the Rise Amid Outbreak

As countries across the world are fighting to contain the outbreak of the coronavirus disease (COVID-19), cyber threats seem to have taken this as an opportunity to use potential vulnerabilities and the widespread panic to further their malicious intent.

learn more about Debroop Roy

By Debroop Roy


You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

As countries across the world are fighting to contain the outbreak of the coronavirus disease (COVID-19), cyber threats seem to have taken this as an opportunity to use potential vulnerabilities and the widespread panic to further their malicious intent.

"While work from home is an inevitable safety measure for saving human lives during the time of this pandemic, government officials have issued warnings about the dangers associated with this new work culture. This is evident with the whopping increase in the number of cyber attacks that are leveraging the panic created," said Pavan Kushwaha, co-founder at cybersecurity firm Kratikal.

According to Kushwaha, around 4,000 website domains related to the virus have been set up since the beginning of the pandemic and almost three per cent of these consist of malware in them.

"Every day, new variants of malware are being released through phishing emails in the name of officials from the World Health Organization," he said.

Another cybersecurity company Lucideus has seen a surge in attacks as well.

"Our SAFE (Security Assessment Framework for an Enterprise) threat intel team has found a number of phishing emails claiming to be from the WHO and other government agencies promising to provide healthcare support to cure coronavirus," said Lucideus co-founder Rahul Tyagi.

Tyagi, citing a separate report, said a wave of 2,500 infections of just two malware strains were delivered in coronavirus-themed emails recently.

Trishneet Arora, founder of TAC Security, said people are offering fake maps that show infected users that require a person to download software to generate fake maps. "In fact, hospital systems were hacked which in-turn had delayed a lot of reports related to COVID-19, endangering the lives of probably millions," he said.

More specifically, a well-known organization in India last week received an email in the name of WHO that was apparently a ransomware variant named Locky, according to Saurabh Saxena, country director for India at global software firm Micro Focus.

"Now that companies have switched to work from home ⁠— using electronic devices and applications more often, the chances of planting a range of malware into devices or playing with the system remotely becomes easier as they may face the possibility of functioning with little or no IT support," said Saxena.

These cyber threats have been taking advantage of vulnerabilities even before countries such as India took preventive measures to contain the spread. Earlier this month, global cybersecurity firm CrowdStrike said it had observed an e-crime actor it tracks, called MUMMY SPIDER, capitalizing on the outbreak with a spam email theme.

"The emails were sent using an email thread-hijacking technique and ultimately led victims to download Emotet malware samples. Thus far, the identified emails have predominantly used Japanese language and spoofed the Kyoto Prefectural Yamashiro Minami Public Health Center," said CrowdStrike's vice president of intelligence Adam Meyers, in a previous statement.

Meyers added that it wasn't only limited to Japanese targets. The company had also seen a China-based group that is tracked under the name of PANDA using lure and decoy content to distribute a remote access tool. This group is known to primarily target government and political entities.

Tips To Protect

According to experts, the easiest way to keep yourself safe from such cyber threat actors is to not click any unidentified links.

Lucideus' Tyagi has some tips that could help identify phishing emails such as being cautious when one sees a suspicious sender address, avoiding emails with generic greetings and signatures such as "Dear valued customer", looking out for poor grammar and misspellings as well as complete avoidance of downloading attachments from senders one doesn't know.

"Additionally, use two factor authentication, VPN services and avoid sharing any sensitive information over email," he said.

Debroop Roy

Entrepreneur Staff


Covering the start-up ecosystem in and around Bangalore for Entrepreneur. Formerly an energy reporter at Reuters. A film, cricket buff who also writes fiction on weekends.

Related Topics

News and Trends

Scam 2023: Inside The World Startup Convention Disaster

To many, the speaker line up for the World Startup Convention (WSC) which had been scheduled for March 24-26, 2023 at Greater Noida may have seemed too good to be true.

News and Trends

Why Government May Ban Related Party Sales Of E-commerce, Food Delivery Startups

"E-commerce companies are permitted to merely operate a pure-play marketplace i.e. a bridge between the buyer and seller and not sell any goods, even their own products on their platforms," said Praveen Khandelwal, secretary general, CAlT


5 Insider Tips for Improving Your Confidence as a Public Speaker

Presenting publicly can be a nerve-wracking experience. Here are five key tips to help you boost your confidence.

Starting a Business

90% of Online Businesses Fail in Just 4 Months. You Can Avoid the Same Fate By Using These Strategies.

It's not catastrophizing when we think about potential failure; it's in fact a chance for any business to precisely see any outcome and prepare in advance.


5 Steps to Communicate Like a Boss

Here are five tips leaders can use to improve their communication skills.


Why Embracing Your Unique Strengths and Talents Will Lead to Success

By identifying and developing one's strengths, aligning with passions, cultivating a growth mindset and positively impacting the world, individuals can unlock their full potential and create a life of abundance, passion and fulfillment.