Cybercriminals and nation-state actors alike are leveraging
the COVID-19 pandemic to weasel personal informational, financial data, dollars
and access to systems from their victims, from consumers to healthcare organizations
and supply chain companies, the FBI warned this week in a pair of alerts.For
the third time in as many months, the FBI called out state-sponsored hackers
who are using Kwampirs malware in supply chain and healthcare-related attacks. In
a two-phase campaign the miscreants launch a broad attack on a network, where
they’ve been found to reside for as long as three years, delivering and
executing secondary malware payloads. During the second phase the campaign delivers
additional Kwampirs components or malicious payloadsallow.“The FBI assesses Kwampirs actors gained access to a large
number of global hospitals through vendor software supply chain and hardware
products,” the alert
said. “Infected software supply chain vendors included products used to manage
industrial control system (ICS) assets in hospitals.”The frequent alerts portend a serious problem. “The fact that the FBI would be sending out a third warning in the span of three months means that now more than ever organizations should take security seriously and review their incident response plans,” said Dean Ferrando, systems engineer manager - EMEA at Tripwire. “The FBI is telling us that the threat is real and likely to hit soon. Organizations must make sure that their third-party suppliers are vetted and reviewed regularly, and should limit the access they provide to external contractors.”In another alert the FBI warned consumers that "scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both" through fake CDC and phishing emails and by offering counterfeit treatments or equipment."
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds