Joint CISA and UK Tip on COVID-19 Cyber Threat Exploitation

Revision Date

The Cybersecurity and Infrastructure Security Agency (CISA) and United Kingdom’s National Cyber Security Centre (NCSC) have seen an increase in malicious activity with themes related to Coronavirus Disease 2019 (COVID-19). Malicious cyber actors are targeting individuals, small and medium enterprises, and large organizations worldwide with COVID-19-related scams and phishing campaigns. At the same time, the surge in teleworking has increased the use of potentially vulnerable services.

Additionally, CISA and NCSC are investigating advanced persistent threat (APT) activity targeting healthcare and essential services. This activity includes password spraying—a commonly used style of brute force attack in which the attacker tries a single and commonly used password against many accounts before moving on to try a second password, and so on.

This product provides practical advice for individuals and organizations on how to defend against COVID-19-related malicious cyber activity.