Numerous corona bait laid
Cybercriminals regularly adapt their attacks to current major events. In the first half of 2020, the Covid 19 pandemic was the focus of hackers, as the latest report from the federal Melani agency shows.
Whether with false promises for information on the virus, on how to order masks during low levels or messages on online ordering - cybercriminals used the most diverse pandemic topics to deceive victims or spread malware. The 2020 semi-annual report of the Reporting and Analysis Center for Information Assurance (Melani) highlights the most diverse types of cyberattacks that took place in connection with the pandemic (cf. from page 6 of the 31st report). Melani Semi-Annual Report).
Home office: secure handling of remote access
Cybercriminals are also keeping pace with the increased trend toward home offices. That's why the Melani authors are also devoting a chapter to this topic - "Home office - but secure!" (from p. 11). Home office work also means that remote access to corporate networks has increased massively. The security experts therefore remind us of some principles to minimize the risks when dealing with this technology (cf. "Home office: secure handling of remote access".).
As a supplement to the remote access document, a brief information is also provided for the end user to better protect their own environment, thus also reducing the risk for the employer (cf. "Home Office: End User Guideline.").
Industrial control systems (ICS) targeted by ransomware
Not all cyberattacks are related to Corona. In the first half of the year, MROS again recorded an increase in attacks with ransomware. The attackers encrypt data and demand a ransom from the victim to release the data. Until now, attacks with crypto Trojans had targeted the IT infrastructure of the victims and usually only affected control systems collaterally. Now, in the first half of 2020, a ransomware was observed that was specifically designed to hit process controls in industrial control systems (more on this starting on p. 26 of the report). According to Melani's report, "Before encrypting files, the ransomware steals data and then forces a whole series of processes to stop, but without manipulating them or sending commands. These processes affect not only industrial control systems (ICS), but also security or management software, databases and data backup solutions."
Such attacks can have devastating consequences for businesses and the population.
National Focal Point is operational
Since the beginning of this year, the National Cyber Security Center (NCSC) has been the central point of contact for business, the general public, government agencies and educational institutions when it comes to cyber issues. The contact point receives reports of incidents in a uniform manner, examines them and forwards them to the appropriate body. According to data, a total of 5152 reports were registered in the first half of 2020. Fraud attempts accounted for more than half of these, with 825 cases involving advance fee fraud emails alone.
The statistics of the reports received are published weekly on the website of the NCSC published.
Melani "disappears
This is the last time the Melani semi-annual report will be published under this name. With the entry into force of the "Ordinance on Protection against Cyber Risks in the Federal Administration" on July 1, 2020, Melani has become part of the NCSC. The National Cyber Security Center will therefore also be the future sender of the report on the most important cyber incidents.
Source: Confederation
