Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • UK and US security agencies issue COVID-19 cyber threat update

Security

UK and US security agencies issue COVID-19 cyber threat update

A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK and USA have revealed.


Image copyright Shutterstock

A joint advisory has been published by the UK’s National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA), which shows that cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organisations with a range of ransomware and malware.

Advertisement
Leonardo RT

Examples of scams include emails containing malware which appear to have come from the Director-General of the World Health Organisation (WHO), and others which claim to offer thermometers and face masks to fight the pandemic.

Elsewhere the agencies have detected cyber criminals scanning for vulnerabilities in software and remote working tools as more people work from home during the pandemic.

As well as alerting people to the threat, the advisory directs them to the support available to counter it. This includes the NCSC’s guidance on dealing with suspicious emails and on working from home securely .

Paul Chichester, Director of Operations at the NCSC, said:“Malicious cyber actors are adjusting their tactics to exploit the COVID-19 pandemic, and the NCSC is working round the clock with its partners to respond.

“Our advice to the public and organisations is to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as UK Government, Public Health England or NHS websites.”

To date the agencies are not seeing overall levels of cyber crime increase, but they are seeing a growing use of COVID-19 related themes by malicious cyber actors.

Bryan Ware, CISA Assistant Director for Cybersecurity, said: “As the COVID-19 outbreak continues to evolve, bad actors are using these difficult times to exploit and take advantage of the public and business. Our partnerships with the NCSC and industry have played a critical role in our ability to track these threats and respond.

“We urge everyone to remain vigilant to these threats, be on the lookout for suspicious emails and look to trusted sources for information and updates regarding COVID-19. We are all in this together and collectively we can help defend against these threats."

The techniques used by attackers prey on people’s appetite for information and curiosity towards the outbreak, with phishing emails and SMS messages using the virus as a lure to trick people into revealing credentials or downloading malicious software.

Phishing attempts often come from what appears to be a trustworthy sender, such as the ‘World Health Organisation’, or with a subject line such as “2019-nCov: Coronavirus outbreak in your city (Emergency)”.

Advertisement
Gulfstream RT

The NCSC and the CISA have also observed criminals scanning for known vulnerabilities in remote working tools and software, which is evidence that they are looking to take advantage of the increase in people working from home. This includes exploitation of the increased use of video conferencing software, where phishing emails with attachments naming legitimate video conference providers aim to trick users into downloading malicious files.

It is expected that the frequency and severity of COVID-19 related cyber attacks will increase over the coming weeks and months.

You can read the full assessment here , which includes indicators of compromise (IOCs) for detection, and guidance for organisations and individuals on how to decrease the risk of cyber attacks.

Refer to trusted resources such as www.gov.uk/coronavirus or the NHS website for official information about the coronavirus.


 

 

 

Advertisement
Cranfield University
Met unveils tech to tackle violence towards women and girls

Security

Met unveils tech to tackle violence towards women and girls

1 July 2025

The Metropolitan Police Service has today unveiled a revolutionary new technology - now being rolled out across London - that makes it easier to photograph and visualise bruising on victims of violence, particularly on darker skins.

Teledyne FLIR OEM unveils new brand and website

Aerospace Defence Security

Teledyne FLIR OEM unveils new brand and website

1 July 2025

Teledyne FLIR OEM, part of Teledyne Technologies Incorporated, today announced the strategic evolution of the Teledyne FLIR OEM brand.

Syensqo and Terma strengthen partnership

Aerospace Defence Security

Syensqo and Terma strengthen partnership

30 June 2025

Advanced materials specialist Syensqo and Terma, provider of mission-critical solutions in aerospace, defence and security, have signed a strategic collaboration agreement to develop joint initiatives in composites for next-generation aerospace and defence applications.

Windracers establishes operational hub in Malawi

Aerospace Security

Windracers establishes operational hub in Malawi

27 June 2025

Windracers, the UK-based designer, manufacturer and operator of Windracers ULTRA - an autonomous heavy-lift cargo aircraft - has begun establishing an operational base at Kasungu Airfield in Malawi.

Advertisement
Teledyne
Police Scotland rolls out body worn video in Highlands and Islands

Security

Police Scotland rolls out body worn video in Highlands and Islands

26 June 2025

Police Scotland’s national roll out of body worn video continues this month, with officers equipped with the new cameras on duty in the Highlands and Islands.

The Met launches Met Engage

Security

The Met launches Met Engage

26 June 2025

Met Engage - new way for Londoners to receive updates directly from local officers - is being rolled out as part of the Met’s focus on neighbourhood policing.

Advertisement
Teledyne