Title: FBI flooded with pandemic cybercrime complaints
Author: Politico
Date: 17.04.2020
Abstract:
RISING TIDE OF CYBER SCAMS — The
coronavirus pandemic has sparked a massive increase in the number of cybercrime
complaints flowing into the FBI these days, a bureau official said Thursday.
The agency’s Internet Crime Complaint Center, which typically received 1,000
complaints per day before the pandemic, is now receiving 3,000 to 4,000 per
day, according to Tonya Ugoretz, a deputy assistant director of the FBI’s Cyber
Division. “Not all of those are COVID-related,” she said during an Aspen
Institute webinar, “but a good number of those are.”
Coronavirus-related schemes
“really run the gamut,” said Ugoretz, who cited domain names spoofing personal
protective equipment vendors and phishing emails promising government checks or
private loans. The FBI has also “seen people set up fraudulent COVID charities”
or “promise delivery of masks and other equipment and then not deliver,” she
said. When the pandemic first began, she added, “there was this brief shining
moment” when officials thought that exploiting the crisis “might be beyond the
pale” for criminals. “Sadly, that has not been the case.” Ugoretz also
discussed how nation-states have been hacking U.S. health care organizations
involved in virus research.
The webinar also included a
presentation by Marc Rogers, co-founder of the COVID-19 Cyber Threat
Intelligence League, a volunteer coalition of cyber experts who fight back
against hackers. The group’s roughly 1,400 members have taken down nearly 3,000
malicious virus-related domains as of April 14, said Rogers, including sites
impersonating the World Health Organization, the United Nations and the CDC.
The group has also used open-source platforms like Shodan to find more than
2,000 vulnerabilities in “high risk” health care organizations, including 22
remote code execution flaws.
Rogers’ cybersecurity group has
been careful not to recruit volunteers from countries under U.S. sanctions, a
choice that he said provoked “a very heated discussion.” “We see this as a
humanitarian project, but in order for us to have the deep collaboration we
have with government and law enforcement, we have to … be careful about how we
walk that line,” he said. “Trust and the ability to share information is
critical to the success of this project.” The group’s apolitical defensive
activities will still end up helping innocent people in blacklisted countries,
he noted. “By doing that, I think we can protect the whole world.”
CMMC & COVID-19 — The
coronavirus pandemic is unlikely to disrupt the rollout of the Pentagon’s new
digital security standards, a senior official said Thursday. “I don’t think
it’s going to be impactful to the schedule” for implementing the Cybersecurity
Maturity Model Certification, Katie Arrington, the CISO to the undersecretary
for acquisition and sustainment, said during a Bloomberg webinar Thursday.
“Maybe we’ll have a two-, three-week slip on actually doing the first audits,
the pathfinders, but nothing that’s significant,” she added. Arrington said she
is working with the nonprofit board that oversees training of third-party
auditors, as some of that education “has to be done in person.”
DoD will begin putting the CMMC
level requirements as language in select contracts this year, with the goal of
implementing the cyber standards throughout the entire acquisition community by
2025. “The model and all of that is on track,” according to Arrington. “We
really haven’t slowed down because a lot … was able to be done from teleworking
capability. We’re waiting to see what happens.”
TECH GROUPS SUGGEST CYBER
COVID-19 SPENDING — The next coronavirus legislative package should include
funding to boost cybersecurity for the remote workforce, such as money for
training IT executives and upgrades for VPNs, a coalition of tech groups said
in a list of principles released Thursday. The groups — the Information
Technology Industry Council, Alliance for Digital Innovation, the Computing
Technology Industry Association, the Center for Procurement Advocacy, Internet
Association and the Cybersecurity Coalition — sent their ideas to congressional
leaders and the Office of Management and Budget.
The last package “did not
specifically address the potential cybersecurity needs of a remote workforce,”
the groups wrote. Other recommendations include additional dollars for the
Technology Modernization Fund to upgrade aging and insecure federal agency IT,
the General Services Administration’s Federal Risk and Authorization Management
Program that certifies software for federal agency use and the Trusted Internet
Connections 3.0 policy that ensures agencies secure data and networks through
protected connections.
GONNA GO AHEAD AND CALL THAT ‘A
LOT’ — Google said that it saw 18 million daily malware and phishing emails
related to Covid-19 last week. It also said in the same blog post on Thursday
that it saw 240 million daily spam emails related to the virus. The company
boasted that it is blocking 99.9 percent of spam, phishing and malware from its
users. “We have put proactive monitoring in place for COVID-19-related malware
and phishing across our systems and workflows,” company officials wrote. “In
many cases, these threats are not new — rather, they’re existing malware campaigns
that have simply been updated to exploit the heightened attention on COVID-19.”
THIRD TIME’S THE CHARM — CISA
re-upped an alert on Thursday about attacks on Pulse VPN servers and offered
new detection methods, including a tool the agency created. “CISA has conducted
multiple incident response engagements at U.S. Government and commercial
entities where malicious cyber threat actors have exploited” the vulnerability
“to gain access to victim networks,” the latest of three alerts on the subject
reads. Despite a patch issued last April, “CISA has observed incidents where
compromised Active Directory credentials were used months after the victim
organization patched their VPN appliance.”
WILL THE U.S. BE NO. 1? — The
Harvard Kennedy School Belfer Center for Science and International Affairs this
summer will release an index of 30 prominent countries that matches the
nations’ objectives with their capabilities. “The Belfer Cyber Power Index
reconceptualizes the notion of ‘cyber power’ at the country-level to reflect
the different objective(s) that each country is pursuing — demonstrated through
national strategies, rhetoric and action — and their ability to achieve these
objectives,”
Keywords:
|