Internet Giant Google warned that world healthcare organizations are subjects of targets by nation-backed hacker groups who are exploiting the loopholes appearing during this coronavirus era. The company said the organizations affected are those working to fight the impact of the pandemic.
According to the cybersecurity unit at Google, there have
been over a dozen state-sponsored hacking syndicates using the COVID-19 theme to
lure their victims and attach malware in their systems and networks.
Earlier this month, the tech giant revealed that it would delete about
18 million coronavirus-themed phishing or malware messages per day and over 240
million pandemic-liked spam messages.
According to Google’s threat analyst, Shane Hunter, the
state-backed hackers are always seeking for opportunities where global events
would give them the chance to exploit organizations and individuals. “Hackers
frequently look at crises as an opportunity, and COVID-19 is no different,”
The threat analysis team at Google has pointed out some
ploys used by such hackers, including websites impersonating genuine public or
government care agencies, messages designed to appear as if they are sent by
remote workers, and fake solicitations for charities.
Huntley explained that a particular hacking group sent phony messages to US government workers. The messages contain offers for delivery options or free meals available from fast food companies as a result of the pandemic. Once the user clicks on the email, it leads to another message that warrants users to provide their Google account usernames and passwords. Earlier this month, British and US security agencies issued warnings, pointing out that several fraud schemes are controlling about 2,500 web addresses during this pandemic era. The security agencies advised that users need to be careful about how they release their login details from unknown emails and pandemic-linked offers.
Many of the messages were automatically sent to the spam
folders, and stapes have been taken to deny related websites looking for user
credentials, Huntley said.
However, he reiterated that there are no complaints from
any government agency about any account being compromised due to the activities
of these hackers. However, it has informed all the targeted users, warning them
that some state-sponsored attackers are trying to infect systems with malware.
Google said it has discovered that some attackers are impersonating health organizations to deceive people into downloading malware. Hackers have impersonated the World Health Organization (WHO) and other humanitarian and government organizations in an attempt to deceive people and convince them to release their credentials.
Some of the Coronavirus-linked emails Google discovered
were the work of “Charming Kitten”, a state-sponsored hacker group from Iran.
Some other hackers carrying the “Packrat” banner were from
South America. Google said these hackers were responsible for the impersonation
of the WHO login page.
Google is now more serious about security,
as the number of hacking incidents has increased amidst the coronavirus
outbreak. Both private and state-sponsored hacking groups have intensified their
efforts to scam their victims by impersonating as health care organizations.
Google wants to tighten security at
over 50,000 accounts that could be owned and operated by state-sponsored
hackers, according to Huntley. He further said that the is no overall increase
in the number of phishing attacks by state-sponsored groups. Rather, their
strategies have changed.
In February, the California-based tech giant added new
lines of security scanners that use deep learning technology to identify
malware, phishing, and spam messages. This development came at the right time
when health care organizations are increasingly being the subject of malware
attacks due to their roles in this period.
This week, Microsoft also pledged to extend its AccountGuard services to healthcare organizations throughout the coronavirus period.
Google has advised employees to always make use of their company’s
enterprise email account for any work-related activity. According to Google, this
will go a long way to curb the level of exposure and vulnerability they allow
for these government-backed hackers.