High levels of COVID-19 based cyber attacks seen in March but overall levels are down

Published: Thursday, 02 April 2020 08:21

Researchers at Check Point continue to see a dramatic rise in the number of COVID-19-related cyber attacks. In the past two weeks alone, the number of COVID-19-related cyber attacks have increased significantly from a few hundred to as high as over 5,000 on March 28th. On average, over 2,600 COVID-19-related cyber attacks occur each day. Although the number of COVID-19-related cyber attacks has seen a sharp rise, the overall number of cyber threat activities in organizational networks worldwide has dropped monthly by 17 percent between January and March 2020.

In the past two weeks, more than 30,103 new COVID-19-related domains were registered, of which 131 are malicious and 2,777 are suspicious and under investigation. This means that, in total, over 51,000 coronavirus-related domains have been registered since January 2020.

Omer Dembinsky, Data Manager of Threat Intelligence at Check Point said: “Clearly, hackers are shifting their resources away from targeting businesses, as most of us are now working from home, and towards activities that can reach us directly in our homes, such as Zoom and Netflix, which we have recently conducted research on. It will be important for us all to exercise good cyber hygiene, and to be extra cautious when receiving documents or links.”

Recently, Check Point Research saw a spike in the number of ‘Zoom’ domains registered and spotted malicious ‘Zoom’ files targeting people working from home. Over 1700 new ‘Zoom’ domains have been registered since the start of the pandemic, 25 percent of which were registered in the past week.

In January 2020, Check Point published a research report proving that Zoom had a security flaw. The research showed how a hacker could eavesdrop into Zoom calls by generating and guessing random numbers allocated to Zoom conference URLs. Consequently, Zoom was forced to fix the security breach and change some of its security features, such as mandating scheduled meetings to automatically be protected by a password.

How to stay safe

Check Point recommends the following: