Friday, May 27, 2022
Latest News from Cambridge and England

NASA sees an “exponential” jump in malware attacks as personnel work from home

EnlargeChristiaan Colen / Flickr
NASA has experienced an exponential increase in malware attacks and..

By admin , in Tech , at April 6, 2020

EnlargeChristiaan Colen / Flickr

NASA has experienced an exponential increase in malware attacks and a doubling of agency devices trying to access malicious sites in the past few days as personnel work from home, the space agencys Office of the Chief Information Officer said on Monday.

A new wave

“A new wave of cyber-attacks is targeting Federal Agency Personnel, required to telework from home, during the Novel Coronavirus (COVID-19) outbreak,” officials wrote in a memo. The wave over the past few days includes a(n):

  • Doubling of email phishing attempts
  • Exponential increase in malware attacks on NASA systems
  • Double the number of mitigation-blocking of NASA systems trying to access malicious sites (often unknowingly) due to users accessing the Internet

The last item is particularly concerning because it suggests that NASA employees and contractors are clicking on malicious links sent in email and text messages at twice the rate as normal. Tricking people into clicking on malicious links or opening malicious email attachments remains one of the easiest ways to gain entry into enterprise networks and individual computers users alike.

NASAs mitigation blocking mechanisms—which likely include blocking access to servers deemed to be malicious or suspicious as well as stopping malicious downloads—can go a long way in reducing the damage that happens when agency computers try to access these destinations. These mitigations arent foolproof, so its important that personnel be trained to recognize phishing attempts and act accordingly.

The risk to all types of attacks is only heightened by the outbreak of the COVID-19 pandemic, which has sent millions of people working from home almost overnight, with little time for IT departments to formalize procedures for maintaining the security of organization networks. The NASA memo stated:

NASA employees and contractors should be aware that nation-states and cyber criminals are actively using the COVID-19 pandemic to exploit and target NASA electronic devices, networks, and personal devices. Some of their goals include accessing sensitive information, usernames and passwords, conducting denial of service attacks, spreading disinformation, and carrying out scams. Cyber criminals have increased sending emails with malicious attachments and links to fraudulent websites, attempting to trick victims into revealing sensitive information and grant access to NASA systems, networks, and data. Lures include requests for donations, updates on virus transmissions, safety measures, tax refunds, fake vaccines, and disinformation campaigns.

NASA is hardly alone in seeing a significant uptick in attacks that capitalize on fear sparked by the ongoing pandemic. Three weeks ago, researchers reported a torrent of coronavirus-themed phishing emails. Some emails posed as official communications from university officials to students and staff. Others masqueraded as World Health Organization communications detailing safety measures to prevent infection.

Researchers from security company Sophos, meanwhile, have tracked dozens of newly created Internet domains containing “covid” and more than 5,000 HTTPS certificates referencing the coronavirus or the COVID-19 disease it causes. The certificates were issued over a three-day span, and the total is likely higher by now.

My new certificate log catcher is sucking in all the covid-19 and coronavirus domain certificates. 3,143 certificates in 24 hours today (UTC), not yet checked for duplicate domains re-registered for additional hosts. Read More – Source