How the Coronavirus Pandemic Fueled Ransomware Attacks

In this Oct. 8, 2019, file photo a woman types on a keyboard in New York.

In this Oct. 8, 2019, file photo a woman types on a keyboard in New York. AP Photo/Jenny Kane


Connecting state and local government leaders

Speaking at a cybersecurity summit, federal law enforcement officials said hackers have exploited the public health crisis to launch new attacks.

The economic downturn caused by the coronavirus pandemic has already fueled a rise in ransomware attacks as bad actors turn to them as an easy way to make money, cybersecurity experts said on Wednesday.

Speaking at the Cybersecurity and Infrastructure Security Agency’s (CISA) annual cyber summit, federal officials discussed trends in ransomware use and how bad actors have incorporated the coronavirus pandemic into their attacks.

“Few were prepared for the all-remote lifestyle the pandemic has required and attackers began to take advantage of that remote working lifestyle nearly as quickly as we adopted it,” said Boyden Rohner, the associate director for vulnerability management at CISA.

Phishing attacks, when bad actors send emails to try and lure targets into disclosing sensitive information such as banking information or passwords, were already the favorite attack method before the pandemic. But hackers have sought to use the outbreak as a form of cover for their attempts, Rohner said. Fake domains and websites purporting to be public health or coronavirus-related have sprouted up as hackers attempt to make phishing emails look legitimate in order to get targets to disclose personal information or to download malware.

So far this year, CISA has identified more than 7,000 fraudulent domain names that it has sought to have taken down, Rohner said.

State and local governments have been a growing target of ransomware attacks in recent years, with hackers increasingly demanding larger payouts. While many local governments have turned to cyber insurance as a way to help them bounce back and restore their computer systems after a cyberattack, experts have warned that insurance companies may exacerbate the problem by encouraging local governments to pay ransoms.

In addition to the creation of new pandemic-related schemes, law enforcement officials worry that the public health crisis could also lead more people to consider turning to ransomware as a source of cash.

“Times are tough right now,” said Jason Conboy, an agent with the Department of Homeland Security’s Homeland Security Investigations. “People are out of work, working from home, it’s the Superbowl for cybercriminals.”

The ease with which bad actors with little to no technical knowhow can pay someone to deploy ransomware for them has also raised red flags among law enforcement.

“The elite level of sophistication needed to perpetuate a ransomware attack is almost not necessary,” said Mike Moran, a special agent with the U.S. Secret Service. “If you are just looking to make a quick buck and pay the ransomware developer a commission to use the software of the exploit, it’s a pretty easy business.”

To crack down on the bad actors deploying ransomware, federal law enforcement officials said they investigate not only those behind the hacks, but also anyone who assists their exploits by laundering money or operating online marketplaces where their malware can be bought and sold.

Andrea Noble is a staff correspondent with Route Fifty.

NEXT STORY: Why Everything Is Sold Out