Connect with us

Security

There’s now coronavirus-themed ransomware making the rounds

Hackers are exploiting the crisis and using the vulnerabilities of businesses to their advantage.

florida pays malware ransom
Image: Corporate Bytes

Cybercriminals are always looking for ways to earn money, and they stop at nothing to achieve their goals. This time, they’ve gone as far as to abuse the COVID-19 pandemic for their personal gain. 

A coronavirus-themed malware has appeared, and all devices are at risk. Let’s see how these attacks work and what you can do to protect your organization.

Malware Leverages the Novel Coronavirus for Extortion

In a nutshell, the culprits infect corporate systems with crypto-locking malware. Then they demand money to restore access to systems and networks. Recently, hospitals and healthcare institutions became the primary target. They store tons of valuable data that they can’t afford to lose or have exposed. 

One such example is the Illinois Public Health District, which was attacked by the Netwalker ransomware. The attack resulted in their website being down. Fixing the issue would take weeks to complete. And amidst the overflow in traffic and obligations concerning the coronavirus, waiting that long was not an option.

Another terrible attack happened in the Czech Republic. The attacked institution runs one of the country’s biggest coronavirus testing labs. The hospital had to shut down its entire IT infrastructure and cancel all upcoming operations to deal with the issue. 

Many of the targeted institutions don’t have proper cybersecurity crisis strategies in place, nor do they have the funds to pay for the ransom. So, such malware hits them especially hard.

Mobile Devices Are Also at Risk

As expected, malicious actors expanded their attack scope to mobile devices as well. They started creating and uploading COVID-19 themed apps. One such app is CovidLock. It is disguised ransomware that locks the victim’s phone until they pay a ransom fee.

Hackers advertised it as a real-time COVID-19 update app. Its “functions” included extracting information from a legitimate website, tracking coronavirus cases around the globe. It also promised to publish news related to the pandemic. The attackers even went as far as to post banners and other ads all over the internet. It enticed new victims into downloading the malicious app. 

If the user took the bait and downloaded the app, upon installation, the app would ask for the full access to the device. Anyone who wanted to track coronavirus stats and know when an infected person is near their vicinity had to grant the permission.

Once the victim did, the app would gain full control over the device. Luckily, researchers have managed to reverse-engineer the ransomware key. They shared it publicly, so the victims would be able to access it. 

But not all ransomware victims get a happy ending. Many businesses go bankrupt after suffering a cyber-attack. Not to mention, they can also get hefty fines for not protecting customer data and damage their reputation. 

Protect Your Business From Ransomware


Cybercriminals are relentless. All businesses must take extra care to protect their systems, especially in this vulnerable time. Below are some precautionary measures you should consider implementing to protect your business.

Use File Encryption Software

Encrypting files is an excellent idea because, if you get hit by ransomware or malware, hackers won’t be able to read any sensitive documents. The data would be unusable, and the secrets of your company or private customer information would be safe. 

When choosing a suitable solution, make sure to go for premium or enterprise encryption software. It usually offers more comprehensive security features.

Make Regular Backups

Backing up your files is also essential, especially after encrypting the data. Encryption ensures that hackers can’t read or use the hijacked material. Meanwhile, backups enable you to continue running your business like nothing ever happened. 

Cybersecurity experts recommend storing at least one copy of the data offline, or on separate devices. Then you would be able to access it without any problems if a crisis occurs.

Educate Employees

Human error is among the leading causes of data breaches and other forms of cyberattacks. Employees often lack the knowledge and thus fall for phishing scams or download malware by accident. 

Therefore, it’s vital to ensure that your employees follow the best cybersecurity practices. It’s the key to maintaining a stable and secure business environment. 

Hope For The Best But Prepare For The Worst

It comes as no surprise that cybercriminals can be quite relentless. But this has hit a new low. Not only do they affect healthcare institutions, but they also impact the lives of their patients. 

Hackers are exploiting the crisis and using the vulnerabilities of businesses to their advantage. If you haven’t implemented precautionary measures, now would be the time to do so. Educate your employees on how to recognize and avoid potential threats and stay safe.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Security