State of New Jersey SealOFFICIAL SITE OF THE STATE OF NEW JERSEY

COVID-19 Cyber Threats

NJCCIC Alert

Original Release Date: 4/10/2020

Summary

As the COVID-19 pandemic continues, cyber threat actors continue to use the crisis to victimize individuals, businesses, and organizations. The NJCCIC has observed various phishing campaigns attempting to deliver malicious emails to NJ state employees. These emails use various tactics to trick recipients to click links, open attachments, divulge sensitive information such as account credentials, or donate to fraudulent causes. These tactics include extortion, pleas for charity, impersonation of known individuals or organizations, and claims to have personal protective equipment. The NJCCIC’s email security solution blocked four times more malicious emails referencing COVID-19 in the month of March than in February, as shown in the graph above. As the crisis develops, we also see changes in the tactics and topics used in these emails. For example, as states and healthcare facilities began expressing a critical need for more personal protective equipment and other necessary medical devices, malicious emails claiming to have access to this equipment began circulating. Additionally, when Congress was working to pass a stimulus package, we saw an increase in the number of malicious emails referencing the stimulus, with a peak on the day of and day after the president signed the stimulus into law.

In addition to phishing campaigns referencing COVID-19, cyber threat actors are targeting virtual-teleconferencing (VTC) platforms in VTC-hijacking incidents, such as Zoom-bombing, and continuing to launch ransomware attacks, with healthcare sector entities and small and medium-sized businesses (SMBs) as recent victims. These attacks are even more damaging during this time as it is vital for healthcare entities to have access to resources, though any SMBs were forced to halt or limit operations due to COVID-19, which has negatively impacted revenue.

Recommendations

The NJCCIC recommends users and organizations educate themselves and others on these continuing threats and tactics to reduce victimization. Users are advised to avoid clicking links, opening attachments, or providing personal or financial information in response to emails from unknown senders and exercise caution with emails from known senders. Users are encouraged to research legitimate organizations for monetary or item donations. If you are unsure of an email’s legitimacy, contact the sender via a separate means of communication.

Additionally, we recommend reviewing our resource, “Ransomware: Risk Mitigation Strategies” for guidance on how to reduce the risk of a ransomware infection and associated impacts, and apply the recommendations within. Additionally, please report cyber incidents to the NJCCIC via the Cyber Incident Reporting Form . The US DHS Cybersecurity and Infrastructure Security Agency and the UK’s National Cyber Security Centre (NCSC) released the joint alert “ COVID-19 Exploited by Malicious Cyber Actors,” which includes information on various tactics, indicators of compromise (IOCs), and recommendations.

Join & Subscribe

Never miss an update! Sign up for a no cost membership today! Receive up-to-date content and more in our weekly bulletin.

Sign Up

Featured Content

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.