April 7, 2020

Be vigilant when working from home and don’t fall prey to ransomware attacks

By Tech Online Things

Hackers and cyber scammers are taking advantage of the work-from-home policy and are aware of the lack of security solutions for personal devices.

A UAE resident got ransomware from a fake Abu Dhabi Police website asking him to pay a fine of AED 3,000 for unblocking his computer within six hours.

“I called the Abu Dhabi Police and checked with them about the fine and they said that they did not send any message and has nothing to do with that. Luckily, I told my IT friend about this and he unblocked it,” the UAE resident, who did not want to be named, said.

He added that this could happen to anyone working from home.

The National Computer Emergency Response Team (aeCERT), the cybersecurity division of Telecommunications Regulatory Authority (TRA) of the UAE, has responded to approximately 35,000 cyberattacks on federal government entities during March, of which malware (59%), vulnerabilities (34%) and phishing attacks (6%).

In 2019, Dubai blocked about 840,000 malware, followed by Abu Dhabi with 301,000 and Sharjah with 224,000.

Nicolai Solling, Chief Technology Officer at security solutions provider Help AG Middle East, said that the hackers have inserted a host entry by impersonating Abu Dhabi Police website but the website is actually speaking to another fake website from behind.

“We have come across an increased attempt by the threat actors on home users. People are working from home and the security, which we use to have it in the company, is not the same in the home and it has to be distributed among its staff. Incident-based malware happens all the time and we see it increase when it is Ramadan, Easter, Christmas and New Year.

He said that people should be aware of the basic security hygienic and the UAE authorities have been regularly warning its users of the pitfalls.

Now, he said that hackers are abusing the panic and discomfort of the Covid-19 pandemic to deliver specially crafted malware via phishing attacks worldwide in a bid to make money.

“They use people’s fear and need for information on the Coronavirus by sending fraudulent emails to steal sensitive information or spread malware.

Help AG has seen an increase in corona-related malware with thousands of domain names registered every day.

According to software company Check Point, over 16,000 new Coronavirus-related domains were registered since the beginning of January.

“People want to know more about the corona and click on the links or apps. Every single person goes to the Johns Hopkins page to know about the latest stats. Hackers have created a typical John Hopkins website, with the same design and URL, and when a person clicks the website, it installs browser plug-ins to infect the machine with malware,” Solling said.

“We are likely to see more malware hidden inside fake documents capable of blocking a device or stealing information,” he said.

Recommendations

  • Use cloud security solutions to make sure that you have comprehensive protection against a wide range of threats.
  • Make sure to check the file extensions of the files you downloaded. Documents and Video files do no use .EXE file format.
  • Do not click on suspicious links that provide exclusive content, instead obtain information from trustworthy sources.
  • Organisations and people should be vigilant while handling emails and links associated with Coronavirus.