Cyber Security During COVID-19

Date: May 11, 2020
Unclassified
Fully releasable (ATIP)? Yes
Branch / Agency: NCSB/PSC

Issue: Malicious actors are seeking to exploit vulnerabilities that have emerged in the wake of the COVID-19 pandemic.

Proposed Response:

Background:

Attacks on the computer systems that underpin critical infrastructure are a constant concern for businesses, individuals, and governments in Canada. The current COVID-19 crisis makes these concerns even more important.

Threat Environment

The COVID-19 pandemic has underlined the importance of establishing and maintaining effective cyber security practices. Adversaries, both criminal and state, are continuing to use the current situation to exploit, access, and/or extract information to further their agendas and objectives. This tactic is not new as similar galvanizing events, such as elections and terror attacks, have been exploited by malicious actors hoping to capitalize on a target’s susceptibility.

Malicious actors, including cyber criminals, are capitalizing on the increased reliance on technology for social interaction and work by exploiting technical vulnerabilities and launching additional phishing campaigns and scams. Many countries, including Canada, have identified common cyber threat elements and themes related to the COVID-19 pandemic, including:

  1. COVID-19 themed phishing/email scams;
  2. Attempts at exploiting the increased number of employees working from home;
  3. Focused attempts at exploitation of the health sector and COVID-19 related research at academic institutions; and
  4. Malware/Malicious Domains, including those mimicking government benefits-related websites.

Targets of Concern

Malicious actors may be more likely to target the health and government sectors with ransomware attacks due to their increased vulnerability during the pandemic and the increased likelihood that affected organizations will pay the ransom to avoid lengthy shut downs of their critical systems and resultant impact on citizens.

Government of Canada Response

Government of Canada organizations are managing this risk. Federal government interventions to protect its computer systems take many forms, including helping to inform potential targets of attacks and helping computer security professionals adopt best practices to prevent and react to such attacks in order to minimize the impact on essential operations.

The Canadian Centre for Cyber Security (CCCS) is working with the private sector to remove fraudulent sites. Thousands of domains containing the keyword COVID-19 have been registered, and it is likely that many of these domains will be used for malicious purposes such as the distribution of malware or to facilitate on-line spoofing of health organizations and Government of Canada domains.

In order to protect Canada’s critical infrastructure, the CCCS has continued to engage with provinces, territories, municipalities, and industry since the onset of the COVID-19 crisis. The CCCS continues to share advice and guidance with organizations to increase cyber security and prevent successful compromises.

Contacts:
Prepared by: Gregory Bunghardt, A/Manager, National Cyber Security Directorate, 613-990-9608 / 613-558-8231(c)
Approved by: Dominic Rochon, Senior Assistant Deputy Minister, National and Cyber Security Branch, 613-990-4976

Date modified: