|
Cyber Daily: Some Hackers Are Likely Playing a Long Game With Coronavirus Schemes
|
|
|
|
|
|
Hello. Coronavirus hackers could lie dormant in corporate and government networks for a long time, WSJ Pro’s David Uberti reports. IT teams, overstretched by the world’s largest remote-work experiment, might not be able to keep up with patching plans, while nonessential businesses that have effectively closed shop could prove to be easy targets. Those challenges come as workers’ use of private devices and services give attackers ample opportunity to avoid employers’ detection tools.
Also today: Children's Android apps among those found to contain malware; and student privacy at risk during remote learning.
|
|
|
|
|
Kim Borton worked from home while her children created an art project in Beaverton, Ore., earlier this month. Millions of Americans are working from home amid the coronavirus pandemic, and experts say overstretched IT teams might not be able to keep up with updating their networks. PHOTO: CRAIG MITCHELLDYER/ASSOCIATED PRESS
|
|
|
Coronavirus cybersecurity fallout might not be felt for weeks or longer. The expected delay highlights how confusion from the pandemic has created long-term security risks that could eat up precious resources as the economy hurtles toward a recession.
“Very well-organized criminal organizations or nation-states—they can wait,” said Nicolas Fischbach, chief technology officer of Forcepoint LLC, a cybersecurity firm that specializes in data protection. “They get to more data. They can learn more about the environment.”
While some attackers use ransomware for an immediate payout, more sophisticated groups could use the upheaval to penetrate networks and quietly search for bank account numbers, trade secrets or personally identifiable information that is financially or politically valuable.
Read more here.
|
|
|
|
|
“They’ll then start siphoning off those resources as inconspicuously as possible, or wait to hit all the assets in one fell swoop when the company is most vulnerable.”
|
—Stephen Breidenbach, a cybersecurity and privacy lawyer at Moritt Hock & Hamroff LLP, describing the stealth tactics of some hackers
|
|
|
|
|
|
|
The Google Play Store app is seen on an Android phone. PHOTO: OMAR MARQUES/ZUMA PRESS
|
|
|
56 Android apps for children and adults contain malware that leads to advertising fraud. The apps—which include games, puzzles and calculators, among other services—were removed from the Google Play Store after they were found to carry malware that clicks on digital ads without user knowledge, the Hacker News reports. The apps contained disguised code to help evade detection by monitoring systems at the online store, according to research from security firm Check Point Software Technologies Ltd. The 56 apps had been downloaded one million
times.
Student privacy vulnerable during remote learning. Biometric, behavioral, location and other data about students who use online-learning technology could be collected, potentially violating their privacy, the Washington Post reports. Digital academic systems as well as general-purpose conference services are being used by many students and schools for the first time amid stay-at-home government mandates during the coronavirus outbreak. The unfamiliar situation could lead to inadvertent oversharing of information or secret collection of data without permission.
|
|
|
|
|