Blog

The COVID-19 Pandemic Changed Everything, Can You Detect the New Normal?

Cyber adversaries certainly didn’t overlook the pandemic as an opportunity. This isn’t just speculation. Since March 2020, Anomali Threat Research has tracked pandemic-related malicious cyber activities, which to date include thousands of indicators of compromise (IOCs), numerous distinct campaigns associated with multiple threat actors, dozens of different malware families, and many various MITRE ATT&CK techniques in use.

Joe Franscella
July 29, 2021
Table of contents
<p>COVID-19 changed our personal and business lives in ways we never imagined, especially on the technology front. Consumers started using online services at monumental rates, as evidenced by explosive growth across Amazon, Netflix, and on-demand delivery apps. Businesses accelerated the pace of digital transformation with never-before seen speeds, reflected in the meteoric rise of video conferencing, remote work, and cloud growth. Governments increased their use of websites and social media to keep citizens updated on the latest developments in the pandemic and to assist with scheduling appointments for tests and vaccines.</p> <p>Cyber adversaries certainly didn’t overlook the pandemic as an opportunity. This isn’t just speculation. Since March 2020, Anomali Threat Research has tracked pandemic-related malicious cyber activities, which to date include thousands of indicators of compromise (IOCs), numerous distinct campaigns associated with multiple threat actors, dozens of different malware families, and many various MITRE ATT&amp;CK techniques in use.</p> <p>Some parts of the world are starting to rebound from the pandemic’s impact, but while there is still uncertainty around when we will fully recover, it’s a sure-fire bet that a more cloud-dependent future will be part of our new “normal.” Public and private sector organizations that want to succeed not only have to innovate to fulfill consumer and business demands for digital products and services, but also how to defend them against adversaries that are increasingly sophisticated and stealthy.</p> <p>Much of the development problem has been solved, with providers like Amazon, Microsoft, and Google providing the foundation for cloud applications and services such as Amazon Web Services (AWS), Azure, and Google Cloud. Global organizations have even, in many cases, built their own private cloud platforms that can easily and rapidly deploy innovations to any connected endpoint. Unfortunately, cybersecurity hasn’t kept pace. It’s no wonder we are experiencing ransomware attacks like the one that hit the Colonial Pipeline, and breaches as unprecedented as SolarWinds.</p> <p>Recently, we worked with The Harris Poll to ask more than 2,000 American and 1,000 British adults over 18 how they feel about the possibility of using COVID-19 digital vaccine cards, should they become required for participating in activities like traveling, attending sporting events, in-person school participation, entering a store or government building, etc. Our initial goal was to understand more deeply what both groups’ hopes and fears are when it comes to using smartphone applications to get on with normal life. While we learned a lot about individuals’ attitudes, we also gleaned a few insights that organizations attempting to understand the new digital normal should consider.</p> <h2>The Exploding Attack Surface</h2> <p>The survey revealed that almost all adults in the US (93%) and the UK (89%) have smartphones capable of supporting digital vaccination cards, ranging across almost all popular operating systems. While this is great news for anyone who supports the use of digital health verification solutions, it also serves as a warning. With almost all adults in these populations so interconnected, the likely overlap of their private and business digital lives presents threat actors with a large attack surface for compromising both users and their employers. Organizations that want to leverage the digital future should be happy to hear about how easy it is to reach consumers and connect employees. They also need to prepare to mitigate the associated increased threat this presents.</p> <p style="text-align: center;"><img alt="Nearly Everyone Has a Smartphone Capable os Supporting Digital Vaccination Cards" src="https://cdn.filestackcontent.com/nk8yzzbSXOEAUYjWirig"/></p> <h2>No Shortage of Fakes</h2> <p>The number of Americans and Brits willing to adopt digital vaccine cards if they become a requirement is substantial, with 45 percent of Americans and 54 percent of Brits having said they are <em>very</em> “likely” to use them, if they become required. Around a quarter of U.S. and British respondents said they are “somewhat” likely. Assuming such technologies can help move us beyond the pandemic, these responses are encouraging. However, there are some cons.</p> <p style="text-align: center;"><img alt="Americans and Brits Likely to Consider Digital Vaccine Cards" src="https://cdn.filestackcontent.com/3WiyQ2JFSZiCDlBcjMrb"/></p> <p>People who add digital vaccine cards to their smartphones may be accelerating their opportunities to return to everyday life, but eagerness could provide cyber adversaries with more opportunities to hack into their devices, steal data, and user credentials. Consumers aren’t the only ones at risk. As things like digital vaccine cards enter the mainstream, cybercriminals could start targeting employees on their work emails with themed phishing campaigns, hoping they will click on malicious links and attachments masquerading as legitimate information about vaccination cards. If successful, such attacks will enable threat actors to breach corporate and government networks, execute malware, and launch ransomware attacks. Fake applications could also be an issue. In June 2020, our threat intelligence analysts detected instances of hackers infecting Android devices with credential stealing and surveillance malware via fake COVID-19 contact tracing apps; across Europe, the Middle East, APAC, and Latin America. We haven’t detected any instances of fake COVID-19 digital vaccine cards in use, but it would be smart for consumers, app stores, governments, and employers to invest in ways to detect and block them.</p> <h2>Get Ahead on Standards</h2> <p>Our industry has made strides in establishing cybersecurity and compliance, but we’ve also missed opportunities. PCI Security Standards, the NIST Cybersecurity Framework, and the MITRE ATT&amp;CK Framework are examples of wins, but there is certainly much work to be done. When it comes to hardening things like digital vaccine cards and COVID-19 travel passports, consumers may expect standards agencies, governments, and the private sector to work together. Although none related to digital vaccine cards or passports have been established, when asked to pick from a list of organizations that will most likely be responsible for creating and managing them, the World Health Organization (WHO) was most frequently cited by Americans (45%), while the Brits most frequently chose Government (55%). Ensuring uniformity – especially for cybersecurity – is a step that should not be overlooked.</p> <p style="text-align: center;"><img alt="Responsibility for COVID Passport Standards Lies with WHO and the Government" src="https://cdn.filestackcontent.com/0DTFKdcjQgyu3CAlaMnL"/></p> <h2>The Post Pandemic Normal</h2> <p>When it comes to work, life, business, and healthcare, digital transformation is our new normal. It is driving consumers and employees to connect at an exploding rate and stretching the attack surface faster than we have ever experienced. More than ever, in a world where connectivity is ever-expanding, organizations need to invest in solutions and talent that will help them to detect, block and respond to threat actors. As hard as things have been in cybersecurity for the past two decades, the new normal just made things exponentially more challenging.</p> <ul> <li><a href="{page_5699}">Download the related eBook</a></li> <li><a href="{page_5691}">View the infographic</a></li> <li><a href="{page_5698}">Read the press release</a></li> </ul> <h2><em>Methodology</em></h2> <p><em>This survey was conducted online by The Harris Poll on behalf of Anomali from June 30 – July 7, 2021 among 2,021 U.S. adults and among 1,007 UK adults all ages 18 and older. </em><em>Raw data were weighted by the following demographic variables where necessary to reflect the general adult population as follows: age, gender, education, region, race, HH size, and marital status. Propensity score weighting was also used to adjust for respondents’ propensity to be online. This online survey is not based on a probability sample and therefore no estimate of theoretical sampling error can be calculated.</em></p>
Joe Franscella

Joe Franscella is the former Vice President of Corporate Communications at Anomali.

Discover More About Anomali

Get the latest news about Anomali's Security and IT Operations platform,

SEe all Resources
No items found.
No items found.

Propel your mission with amplified visibility, analytics, and AI.

Learn how Anomali can help you cost-effectively improve your security posture.

July 29, 2021
-
Joe Franscella
,

The COVID-19 Pandemic Changed Everything, Can You Detect the New Normal?

No items found.
<p>COVID-19 changed our personal and business lives in ways we never imagined, especially on the technology front. Consumers started using online services at monumental rates, as evidenced by explosive growth across Amazon, Netflix, and on-demand delivery apps. Businesses accelerated the pace of digital transformation with never-before seen speeds, reflected in the meteoric rise of video conferencing, remote work, and cloud growth. Governments increased their use of websites and social media to keep citizens updated on the latest developments in the pandemic and to assist with scheduling appointments for tests and vaccines.</p> <p>Cyber adversaries certainly didn’t overlook the pandemic as an opportunity. This isn’t just speculation. Since March 2020, Anomali Threat Research has tracked pandemic-related malicious cyber activities, which to date include thousands of indicators of compromise (IOCs), numerous distinct campaigns associated with multiple threat actors, dozens of different malware families, and many various MITRE ATT&amp;CK techniques in use.</p> <p>Some parts of the world are starting to rebound from the pandemic’s impact, but while there is still uncertainty around when we will fully recover, it’s a sure-fire bet that a more cloud-dependent future will be part of our new “normal.” Public and private sector organizations that want to succeed not only have to innovate to fulfill consumer and business demands for digital products and services, but also how to defend them against adversaries that are increasingly sophisticated and stealthy.</p> <p>Much of the development problem has been solved, with providers like Amazon, Microsoft, and Google providing the foundation for cloud applications and services such as Amazon Web Services (AWS), Azure, and Google Cloud. Global organizations have even, in many cases, built their own private cloud platforms that can easily and rapidly deploy innovations to any connected endpoint. Unfortunately, cybersecurity hasn’t kept pace. It’s no wonder we are experiencing ransomware attacks like the one that hit the Colonial Pipeline, and breaches as unprecedented as SolarWinds.</p> <p>Recently, we worked with The Harris Poll to ask more than 2,000 American and 1,000 British adults over 18 how they feel about the possibility of using COVID-19 digital vaccine cards, should they become required for participating in activities like traveling, attending sporting events, in-person school participation, entering a store or government building, etc. Our initial goal was to understand more deeply what both groups’ hopes and fears are when it comes to using smartphone applications to get on with normal life. While we learned a lot about individuals’ attitudes, we also gleaned a few insights that organizations attempting to understand the new digital normal should consider.</p> <h2>The Exploding Attack Surface</h2> <p>The survey revealed that almost all adults in the US (93%) and the UK (89%) have smartphones capable of supporting digital vaccination cards, ranging across almost all popular operating systems. While this is great news for anyone who supports the use of digital health verification solutions, it also serves as a warning. With almost all adults in these populations so interconnected, the likely overlap of their private and business digital lives presents threat actors with a large attack surface for compromising both users and their employers. Organizations that want to leverage the digital future should be happy to hear about how easy it is to reach consumers and connect employees. They also need to prepare to mitigate the associated increased threat this presents.</p> <p style="text-align: center;"><img alt="Nearly Everyone Has a Smartphone Capable os Supporting Digital Vaccination Cards" src="https://cdn.filestackcontent.com/nk8yzzbSXOEAUYjWirig"/></p> <h2>No Shortage of Fakes</h2> <p>The number of Americans and Brits willing to adopt digital vaccine cards if they become a requirement is substantial, with 45 percent of Americans and 54 percent of Brits having said they are <em>very</em> “likely” to use them, if they become required. Around a quarter of U.S. and British respondents said they are “somewhat” likely. Assuming such technologies can help move us beyond the pandemic, these responses are encouraging. However, there are some cons.</p> <p style="text-align: center;"><img alt="Americans and Brits Likely to Consider Digital Vaccine Cards" src="https://cdn.filestackcontent.com/3WiyQ2JFSZiCDlBcjMrb"/></p> <p>People who add digital vaccine cards to their smartphones may be accelerating their opportunities to return to everyday life, but eagerness could provide cyber adversaries with more opportunities to hack into their devices, steal data, and user credentials. Consumers aren’t the only ones at risk. As things like digital vaccine cards enter the mainstream, cybercriminals could start targeting employees on their work emails with themed phishing campaigns, hoping they will click on malicious links and attachments masquerading as legitimate information about vaccination cards. If successful, such attacks will enable threat actors to breach corporate and government networks, execute malware, and launch ransomware attacks. Fake applications could also be an issue. In June 2020, our threat intelligence analysts detected instances of hackers infecting Android devices with credential stealing and surveillance malware via fake COVID-19 contact tracing apps; across Europe, the Middle East, APAC, and Latin America. We haven’t detected any instances of fake COVID-19 digital vaccine cards in use, but it would be smart for consumers, app stores, governments, and employers to invest in ways to detect and block them.</p> <h2>Get Ahead on Standards</h2> <p>Our industry has made strides in establishing cybersecurity and compliance, but we’ve also missed opportunities. PCI Security Standards, the NIST Cybersecurity Framework, and the MITRE ATT&amp;CK Framework are examples of wins, but there is certainly much work to be done. When it comes to hardening things like digital vaccine cards and COVID-19 travel passports, consumers may expect standards agencies, governments, and the private sector to work together. Although none related to digital vaccine cards or passports have been established, when asked to pick from a list of organizations that will most likely be responsible for creating and managing them, the World Health Organization (WHO) was most frequently cited by Americans (45%), while the Brits most frequently chose Government (55%). Ensuring uniformity – especially for cybersecurity – is a step that should not be overlooked.</p> <p style="text-align: center;"><img alt="Responsibility for COVID Passport Standards Lies with WHO and the Government" src="https://cdn.filestackcontent.com/0DTFKdcjQgyu3CAlaMnL"/></p> <h2>The Post Pandemic Normal</h2> <p>When it comes to work, life, business, and healthcare, digital transformation is our new normal. It is driving consumers and employees to connect at an exploding rate and stretching the attack surface faster than we have ever experienced. More than ever, in a world where connectivity is ever-expanding, organizations need to invest in solutions and talent that will help them to detect, block and respond to threat actors. As hard as things have been in cybersecurity for the past two decades, the new normal just made things exponentially more challenging.</p> <ul> <li><a href="{page_5699}">Download the related eBook</a></li> <li><a href="{page_5691}">View the infographic</a></li> <li><a href="{page_5698}">Read the press release</a></li> </ul> <h2><em>Methodology</em></h2> <p><em>This survey was conducted online by The Harris Poll on behalf of Anomali from June 30 – July 7, 2021 among 2,021 U.S. adults and among 1,007 UK adults all ages 18 and older. </em><em>Raw data were weighted by the following demographic variables where necessary to reflect the general adult population as follows: age, gender, education, region, race, HH size, and marital status. Propensity score weighting was also used to adjust for respondents’ propensity to be online. This online survey is not based on a probability sample and therefore no estimate of theoretical sampling error can be calculated.</em></p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.
No items found.