Hackers are leveraging ransomware and other malware through phishing lures, malware distribution and domain registration tied to COVID-19. Common themes include scamming, brand impersonation, blackmail and business email compromise.
- A malicious Android app is purporting to provide a real-time coronavirus outbreak tracker but instead attempts to trick the user into providing administrative access to install ‘CovidLock’ ransomware on their device. To create the impression of authenticity, malicious cyber actors may spoof sender information in an email to make it appear to come from a trustworthy source, such as the World Health Organization or individuals with ‘Dr.’ in their title. [HealthITSecurity]
- One blackmail attack claimed to have access to personal information about the victim, know their whereabouts and threatened to infect the victim and their family with coronavirus unless a ransom was paid. This particular attack was detected 1,008 times over the span of two days. [Barracuda]
- Scammers are texting about offers of “goodies” from big box chain Costco, saying it is part of a COVID-19 “stimulus package” for the store’s “loyal customers.” [Prime Patriot]
- Hackers make $130,000 in 48 hours from Windows 10 exploits. Pwn2Own is a series of hacking events that test some of the most talented hackers across the world. These elite security researchers have been exploiting popular software, hardware and services since 2007 in exchange for the kudos. And money. Lots of money. [Forbes]
No question, hackers are zeroing in on vulnerabilities created as millions of Americans are forced to work from home by the coronavirus pandemic. An estimated 70% of breaches start on endpoint devices.
When working remotely, there’s a hidden security danger. All those endpoints and devices connected outside of the office firewall are prime entry points for cybercriminals to target your organization. Without proper protection, it’s open season for a tsunami of malicious ransomware attacks through those unsecured endpoints.
Be on the Offensive – Protect Your Endpoints to Reduce Risks
Magna5’s Endpoint Security can help protect your endpoints to safeguard your critical infrastructure and data. Let’s take a look.
- Improve real-time prevention – Combining attack prevention, detection, response and recovery into a single agent, we can protect Windows, Mac and Linux from a wide range of malicious attacks. Our AI self-learning tools can stop highly sophisticated malware, hacking tools, ransomware, memory exploits, script misuse and other fileless attacks. Both known and unknown cyber threats are monitored at every stage of their lifecycle.
- Streamline granular endpoint management control – We use policy-based configurations that can kill a process, quarantine or delete malicious binaries before they do any damage. Policy-driven protection allows or blocks USBs and endpoint traffic to determine the appropriate response.
- Visualize attacks with real-time forensics.
We can generate forensic information and storyline visualizations, mapping out the attack’s point of origin and progression across endpoints in real-time. We ensure cross-platform visibility into all endpoints, encrypted traffic, and all applications and processes.
- Close the vulnerability gap between detection and response.
We manage the entire incident response process, relieving IT teams of error-prone manual mitigation procedures. Our approach rapidly eliminates threats and returns files back to trusted states.
- Eliminate vulnerabilities on your network.
Good cyber hygiene starts by ensuring all devices and applications are consistently patched and upgraded. We provide deep visibility into every device and application running both on-premise and in the cloud. This allows us to manage the entire patching and endpoint configuration process to proactively minimize the vectors that attackers can exploit.
- Hunt down the hackers.
It’s one thing to keep cybercriminals out. But what if they have already compromised your network. We can actively hunt for hackers using sophisticated algorithms to seek out potential footholds and hard-to-detect persistent threat methods.
Need a multi-layer defense for your endpoint devices? Let us help. Schedule a consultation with our experts.
Mike Penn joined Magna5 as Senior Content Developer. His role is to bring to life stories that inspire or inject clarity in how managed services and emerging trends can be applied to help organizations operate better and more efficiently.