Who said “never allow a good crisis to go to waste”?
Who said “never allow a good crisis to go to waste”? [1]
While health professionals and governments are focusing all their resources and attention to fighting the COVID-19 (coronavirus) pandemic, some use this opportunity for their benefit both in the online and offline world.
People with little scruples will use any crisis for criminal and amoral acts. As several reports have shown, online phishing attacks shifted gears and used the outbreak to attack innocent victims, targeting their online credentials or planting malware and ransomware. More recently, they shifted again towards popular remote collaboration tools as a new attack vector.
While cyber security initiatives rally to fight back and protect users and organisations online, we unfortunately also see substantial errors in their reports and published lists of domain names relating to the COVID-19 outbreak. Domain names used for official websites concerning the pandemic are marked as ‘suspicious’ or ‘high-risk’ with high threat scores. Yet our own research indicates that the vast majority of domain names within our namespace which relate to COVID-19 are mostly unused, or informative and owned by legitimate public and private organisations. As expected, there are evidently a number of questionable registrations and these are investigated through our abuse prevention program.
While the battlefront of the COVID-19 crisis is in the hospitals throughout Europe and the world, we have a shared responsibility to ensure trust in our online sources. New online initiatives rising to the challenge – and aiming to help families at home and organisations everywhere – must be able to focus on the task at hand and be established as quickly as possible. To achieve this, the industry needs actionable intelligence; it needs information it can trust and rely upon. Criminal and amoral actors will abuse the situation and must necessarily be stopped – but life-saving information, communication and online initiatives in the wake of this crisis cannot become untrustworthy because they were blacklisted according to inconclusive security standards.
This is the shared responsibility the online community has and its task for the weeks to come. Let’s get to it.
Dirk Jumpertz, EURid Security Manager
--------