FB-ISAO‘s Cyber Threat Intelligence Group (CTIG) is closely monitoring COVID-19 and accompanying coronavirus-themed cyber threats and scams. Based on the current situation, the CTIG has decided to increase the Cyber Threat Level from “GUARDED,” to “ELEVATED,” as of 20 March 2020. The CTIG will continue to assess the Cyber Threat Level and provide updates accordingly. At present, this increase is valid through sunset on 31 March 2020, but will be re-evaluated periodically. Please refer to this post for an explainer on the FB-ISAO Threat Levels.
Cyber Threat Level. It is out of an abundance of caution that FB-ISAO has assessed the general Cyber Threat Level for U.S. Faith-Based Organizations as “ELEVATED.” As per FB-ISAO’s definitions of the Threat Levels, “ELEVATED” means FB-ISAO is not aware of any specific or targeted cyber threats, but there is a concern that the general risk of cyber threat activity is higher than normal.
We are all targets of opportunity, and malicious cyber actors are expectedly using this opportunity to prey on our curiosity, concern, anxiety, and fear during this tumultuous time. The increase of threats from coronavirus-based cyber attacks and scams were expected and are akin to spikes in seasonal scams, such as those waged during holiday and tax filing seasons, etc. But seasonal scams have a predictable and somewhat finite (albeit annually repeated) lifecycle. With many organizations, employees, and citizens in a state of flux and uncertainty, cyber threat actors have significantly stepped up their campaigns in hopes to capitalize on the numerous distractions and our eagerness for greater situational awareness during this time. With nearly everyone working and learning from home for the foreseeable future, cyber attackers are leveraging theses added distractions in their social engineering tactics. In other words, while the physical responses and manifestations are of the utmost importance during this pandemic, we live in a digital world, and that is how most people seek and obtain their information. Malicious cyber actors are no respecters of crisis’ and do not hesitate to use whatever means necessary to attack us; they follow the online news cycle and understand the online messaging organizations are disseminating. They continue to use likenesses we trust with subjects we expect to entice us to open their phishing emails, click on their fake websites, or spread their disinformation campaigns – all pretending to be trusted and authoritative sources.