Technology

Malware attacks on NASA exponentially increase due to new coronavirus


Security

Malware attacks on NASA exponentially increase due to new coronavirus

To stop the spread of the new coronavirus infection, companies and organizations from around the world are rapidly adopting telecommuting, and NASA has been in full swing since mid-March 2020.Start working from homeLet me. In this regard, NASA reported that "malware targeted at telecommuting personnel is on the rise," and called attention to stakeholders.

NASA CIO Agencywide Memo: Alert: Cyber ​​Threats Significantly Increasing During Coronavirus Pandemic
http://spaceref.com/news/viewsr.html?pid=53512

NASA sees an “exponential” jump in malware attacks as personnel work from home | Ars Technica
https://arstechnica.com/information-technology/2020/04/nasa-sees-an-exponential-jump-in-malware-attacks-as-personnel-work-from-home/

On April 6, 2020, the NASA Chief Information Officer (CIO) sent an email to all NASA employees titled "Cyber ​​threats are increasing significantly during the Coronavirus pandemic." Among them, the CIO noted that attacks blocked by NASA systems have doubled, “ a new wave of cyber attacks targeting federal government employees who are required to work from home has occurred If you are using the system, please stay vigilant and take the same precautions when using your home PC. "

According to NASA CIO announcement, via emailFishingHas been doubling in the past few days, and malware attacks targeting NASA systems have been increasing exponentially. The malicious emails and messages that are the starting point of such attacks are NASA employees who have requested "donations," "updates on viruses," "security measures," "notice of tax refunds," "fake vaccines," He is trying to steal PC credentials and files by posing as "fake campaign information".

About the announcement, IT news site Ars Technica said, “ It is possible that NASA employees and contractor employees are clicking twice as often as usual on malicious links sent by email or text message. Are concerned.

NASA is not alone in increasing the attacks targeting workers at home. The Hill, a U.S. political specialty newspaper, said, “ Major agencies such as the U.S. Department of Health and Human Services and the World Health Organization (WHO) have been targeted by hackers, and although no damage has occurred, attacks continue to be made "WhenReportDid. According to information received by WHO insiders from Reuters, not only attacks targeting WHO but also "attacks impersonating WHO"DoublingAnd that.

In response, WHO states, "We will never ask for a username or password," "we will not send attachments unless you ask for them," "other than links beginning with www.who.int Does not require access to the Internet, "does not require any payment for work requests, participation in meetings, hotel reservations, etc." "E-mail lottery and sweepstakes campaigns, certificate issuance, subsidies We don't provide any funds or raise funds. "Release statementWe are calling for attention to suspicious e-mails that attack WHO.

Also, AmericanDelaware Department of Information Technology(DTI)"There has been an explosion of threats targeting telecommuters during outbreaks. Many companies can afford to provide work-only PCs to their employees," said Solomon Adote, chief security officer at We can't afford to have a secure remote access environment at the highest level, and in light of this situation, the risks for companies are significantly greater than before. " If you are working from homePointed out.

According to Adote, especially online video conferencing appsZoomIt is said that the session in is likely to be the target of the attack. It has been pointed out that Zoom has many security and privacy issues.

It turns out that part of the encryption key of the online video conference application “ Zoom '' is issued from “ China server '', vulnerable to the “ standby room '' function-GIGAZINE

To respond to the threat that is rapidly increasing with the increase in telecommuting, NASA's CIO told employees, "VPNPlease use This allows the NASA system to take advantage of all security protections. "

Meanwhile, Ars Technica said,G SuiteAndSalesforceTelecommuters who use cloud-based services such as Microsoft have little benefit from using VPNs, and many consumer VPNs do not offer protection from phishing scams and malware attacks. " As a measure that can be taken by people working for companies or organizations that can not maintain high security such as NASA, “ keep OS, browser, router firmware, smartphone, and all other devices and systems up to date '' Was the most helpful. "

Copy the title and URL of this article

Source link

Show More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close
Close