Watch: 'There's Nothing That Attackers Love More Than Chaos' – Working From Home Securely While in Lockdown

Tami Abdollah

Tami Abdollah was dot.LA's senior technology reporter. She was previously a national security and cybersecurity reporter for The Associated Press in Washington, D.C. She's been a reporter for the AP in Los Angeles, the Los Angeles Times and for L.A.'s NPR affiliate KPCC. Abdollah spent nearly a year in Iraq as a U.S. government contractor. A native Angeleno, she's traveled the world on $5 a day, taught trad climbing safety classes and is an avid mountaineer. Follow her on Twitter.

Watch: 'There's Nothing That Attackers Love More Than Chaos' – Working From Home Securely While in Lockdown
media.defense.gov

Since the pandemic hit the U.S. hard in March, there has been a 6,000% increase in spam campaigns, with a particular focus around the keywords "COVID-19" and "coronavirus."

That's according to Wendi Whitmore, the vice president for IBM's X-Force Threat Intelligence, who spoke to dot.LA as part of a virtual panel on Tuesday.

It's been two months now — depending where you live — of working from home. As many businesses now contend with the reality of having their workforce at home for the foreseeable future, or even for the rest of their working lives (see: Twitter), cybersecurity has become a larger challenge, experts told dot.LA Tuesday.


Employees are using their own home internet networks for their jobs as well as for their own personal use, which poses some new dangers and increases the opportunities for attacks by malicious actors. Meanwhile, law enforcement officials and security experts have reported an increase in online attacks and scams, especially those targeting users' concerns and curiosity about COVID-19.

One key takeaway from today's session on securely working from home: In life as well as cybersecurity, if it's too good to be true, it probably is.

Strategy Session: Cybersecurity When Working From Homewww.youtube.com

The ongoing pandemic and social isolation has made people more likely to be online, checking the news, COVID-19 statistics, social media and email obsessively to, for example, figure out when businesses might be opening, whether they've received their federal stimulus funds or when this all ends. They're adjusting to a new normal and trying to multitask while working from home.

"And so, all of these things combined to create a little bit of a chaotic environment, and there's nothing that attackers love more than chaos," said Whitmore. "They can take advantage of it and leverage it, and that's exactly what we're seeing."

Since March 11, Whitmore said her team has seen a 6,000% increase in spam campaigns, and in particular those related to COVID-19 and the coronavirus.

The pandemic has been one of the first times in recent memory where a natural disaster has impacted all people globally, with local governments on up to the U.S. Supreme Court and the military, working from home. And yet, for some companies and other entities, critical staff or those providing an essential service have had members of their team working from offices or out in the community.

That sort of mixed work environment only adds to the complexity of the security needs for an organization, said Joshua Belk, a certified ethical hacker and the executive director of the L.A. Cyber Lab, a nonprofit that provides threat information to L.A. business community.

It's not just the corporate workforce being targeted.

The emergency efforts by localities to address community needs during the pandemic have also been the target of scammers looking for new victims. The L.A. Cyber Lab has been working with the city of Los Angeles and other cities around the Los Angeles area to help them maintain services to citizens in the community by making sure their infrastructure is online and properly guarded through good cybersecurity, Belk said.

These experts say that the attack methods haven't really changed, it's just that attackers are pivoting their methods to use a lure that's much more emotional for those who are targeted.

"They're taking advantage of the fear and uncertainty around COVID-19, that's captured the attention of the entire world," said Satnam Narang, a staff research engineer on Tenable's Security Response team. "It's presented them with a unique opportunity because it's consistently in the news every day, people are worried. So, they might be more inclined to open up an email from say the World Health Organization or the CDC, or depending on where you are regionally, for example, I think the Ministry of Health in China, for example, you know you've seen some emails purporting to be from them (but) obviously they're malicious in nature."

In Canada, scammers went door to door offering test kits for COVID-19, while other attacks include unsolicited text messages or calls that tell people they've tested positive for COVID-19 or a loved one is going to the hospital and they got arrested on the way and need to get bailed out. Some scams have included phone calls where a scammer claims they can get you a reservation for a vaccine if you provide a credit card and social security number.

That "is a big no, no," Narang said. "You never want to provide your social (security number) to anybody."

With U.S. unemployment claims last week rocketing to 36 million over the two-month period, unemployment applications, the Payroll Protection Plan and other business stimulus has also been targeted by attackers who see an opportunity for easy money through online fraud. Even a Nigerian crime ring has gotten into the action, stealing millions from U.S. unemployment programs. With information easily obtained through a phishing attack or scam, attackers can easily steal your identity and make their own application for benefits in a person's name or their company's name.

A lot of people may have already fallen victim to such attacks but due to delays in receiving funds, may not realize the truth until later this summer, Belk said, when reporting will certainly go up.

Meanwhile, social media giveaways have increased to try to help people in need, and bad actors have found yet another avenue of opportunity, targeting those peer-to-peer payment apps like Apple Pay, Cash App, Venmo and PayPal.

Narang has been studying Cash App, specifically, which has also found generous influencers to help with increased giveaways during this pandemic. Scammers would tell victims to send an amount of money, perhaps $10 or a couple hundred dollars, as an alleged processing fee before the person would receive a larger amount. However, once the amount was sent to the scammer, that person would block them and their larger payout would never arrive. The scammers have also created accounts to impersonate influencers who then solicit those initial processing fees, easily reaping money from a large number of unsuspecting targets, Narang said.

"If it sounds too good to be true, it probably is," Narang said. "You should think that you would never have to pay money upfront to win a giveaway if you're being offered money, like by Cash App or one of these influencers."

He also noted that you should never get an incoming request for money.

Despite overall crime amid the shutdown and physical isolation being down, criminal activity in the virtual world has seemed to follow the ebb and flows of the virus, IBM found.

As the virus traveled -- in January and February hitting China and Asia hard, in March hitting Europe hard, and March to April hitting North America hard -- malicious activity and spam campaigns from those particular regions also decreased, Whitmore said.

Those traditional attack groups, from cyber criminals to nation-state actors, are "all back in full force, right after taking a bit of a hiatus for a few weeks, depending on what region they were in," she said.

Whitmore said she's seeing not just spam campaigns but also an increase in attacks now coming from cybercriminal groups and those often more sophisticated nation-state actors that are leveraging COVID-19 to entice users to engage.

That includes recent reports about countries trying to use their electronic attackers to steal vaccine information and patent information in the race to battle the virus and make money off of it too. While other nation-state hackers are trying to exploit the pandemic to target critical infrastructure like the energy, finance, water and power sectors. Such sectors are especially vulnerable to remote access attacks.

Ransomware is another ongoing concern, as it lures the victim to a sketchy link, which enables a hacker to lock you out of your system until and unless you pay them a fee. In the realm of healthcare facilities and hospitals, treating patients, such targeting on an already overloaded system, can be particularly detrimental.

In a scam in March, the malicious actors purported to provide a downloadable version of the Johns Hopkins University's coronavirus tracking map that could live on your computer. It was malware.

Tenable's team had also discovered a cybersecurity vulnerability that allowed a bad actor to potentially pretend to be the shopping app, Instacart, and message any user with a link that could then install malware or be used to phish for their online credentials. Narang said that Tenable immediately informed Instacart and the company quickly patched it on their site.

"The takeaway for everyone is, if it's not something you signed up for. And it's unsolicited, then you've got to watch out," Belk said.

For more details from the panel and tips on how to protect yourself while working from home, check out dot.LA's virtual panel.

Wendi Whitmore, Vice President, IBM X-Force Threat Intelligence

Wendi Whitmore, Vice President, IBM X-Force Threat Intelligence

Wendi Whitmore is a technical leader with almost 20 years of experience in incident response and data breach investigations. At IBM, Wendi was instrumental in creating IBM X-Force IRIS which includes the global X-Force Incident Response, Proactive Services, and Threat Intelligence practices. In her role, she leverages people, infrastructure, data and technology to drive the capabilities of detection and defense against targeted threats for global client organizations. Before joining IBM, Wendi held executive level positions at CrowdStrike and Mandiant, where she was responsible for professional services offerings. Wendi began her career as a Special Agent conducting computer crime investigations with the Air Force Office of Special Investigations.

Joshua Belk, CEH, Executive Director of the LA Cyber Lab

Joshua Belk, CEH, Executive Director of the LA Cyber Lab

Joshua Belk is currently the Executive Director of the Los Angeles Cyber Lab, a non-profit providing threat information to LA Business community. Joshua is a former CSO for the FBI, has held various information security leadership roles with Fortune 200 companies and recently returned from a year long deployment with the Joint Special Operations Command, as reserve US Naval officer. With over 20 years in the security industry, Joshua brings a unique public-private sector experience to any conversation.

Satnam Narang, Staff Research Engineer, Tenable

Satnam Narang, Staff Research Engineer, Tenable

Satnam Narang serves as a Staff Research Engineer on Tenable's Security Response team, where he is responsible for providing technical analysis and remediation recommendations for critical vulnerabilities. Satnam is also a longtime expert on social media scams, conducting research into novel financial scams on Instagram, TikTok, Cash App and more. Before joining Tenable, Satnam worked as Senior Security Response Manager at Symantec and Threat Analyst at M86 Security. He also contributed to the Anti-Phishing Working Group, helped develop a Social Networking Guide for the National Cyber Security Alliance, uncovered a huge spam botnet on Twitter and was the first to report on spam bots on Tinder. He has appeared on NBC Nightly News, Entertainment Tonight, Bloomberg West, and the Why Oh Why podcast.

tami@dot.la

Subscribe to our newsletter to catch every headline.

Cadence

Venture Firm Backstage Capital Laid Off Nine Employees, Reducing Its Staff to Just Three

Kristin Snyder

Kristin Snyder is an editorial intern for dot.la. She previously interned with Tiger Oak Media and led the arts section for UCLA's Daily Bruin.

Venture Firm Backstage Capital Laid Off Nine Employees, Reducing Its Staff to Just Three
Photo by Jp Valery on Unsplash

Venture firm Backstage Capital laid off nine employees, reducing its staff to just three.

Managing partner and founder Arlan Hamilton announced the layoffs Sunday on her “Your First Million” podcast. General partners Christie Pitts and Brittany Davis, along with Hamilton, are the only remaining employees, TechCrunch reported. The move comes only three months after the Los Angeles-based firm said it would only fund existing portfolio companies.

Read moreShow less

A New Tide of LA Startups Is Tackling the National Childcare Crisis

Keerthi Vedantam

Keerthi Vedantam is a bioscience reporter at dot.LA. She cut her teeth covering everything from cloud computing to 5G in San Francisco and Seattle. Before she covered tech, Keerthi reported on tribal lands and congressional policy in Washington, D.C. Connect with her on Twitter, Clubhouse (@keerthivedantam) or Signal at 408-470-0776.

A New Tide of LA Startups Is Tackling the National Childcare Crisis
Image by Carolyn Figel

The pandemic exacerbated a problem that has been long bubbling in the U.S.: the childcare crisis.

According to a survey of people in science, technology, engineering and mathematics (STEM) careers conducted by the city’s WiSTEM Los Angeles program and shared exclusively with dot.LA, the pandemic exposed a slew of challenges across STEM fields. The survey—which consisted of 181 respondents from L.A.County and was conducted between March 2021 and 2022— involved respondents across medical fields, technical professions and science industries who shared the pandemic’s effects on their professional or education careers.

Read moreShow less

MaC Venture Capital Raises $203M for Its Second Fund

Decerry Donato

Decerry Donato is dot.LA's Editorial Fellow. Prior to that, she was an editorial intern at the company. Decerry received her bachelor's degree in literary journalism from the University of California, Irvine. She continues to write stories to inform the community about issues or events that take place in the L.A. area. On the weekends, she can be found hiking in the Angeles National forest or sifting through racks at your local thrift store.

MaC Venture Capital Raises $203M for Its Second Fund
Courtesy of MaC Venture Capital

While venture capital funding has taken a hit this year, that hasn’t stopped MaC Venture Capital from raising $203 million for its second fund.

The Los Angeles-based, Black-led VC firm said Monday that it had surpassed its initial $200 million goal for the fund, which dot.LA reported in January, over the span of seven months. MaC said it expects to invest the capital in up to 50 mostly seed-stage startups while remaining “sector-agnostic.”

Read moreShow less
RELATEDEDITOR'S PICKS
LA TECH JOBS
interchangeLA
Trending