The Power of Community to Fight COVID-19 Cyber Threats [cybersecurity.att]

Cybercriminals are taking advantage of the fear and uncertainty surrounding the current global health and economic situation as well as sudden shifts and exposures in IT environments to launch COVID-19 related attack campaigns. The bad guys are moving full-steam ahead in their efforts to lure victims by playing on their fears.

Fortunately, the security community is banding together to take on these cyber attackers by sharing vital threat information to help identify the adversaries and their evolving tactics. We’re seeing this first-hand in the AT&T Alien Labs Open Threat Exchange (OTX). The OTX community is responding and sharing information on COVID-related threats as they arise. The immediate, near real-time contributions of the OTX community gives Alien Labs a unique vantage point to monitor activity in the wild and deliver curated threat intelligence on new and evolving threats on a continual basis.

As of March 26, Alien Labs and the OTX community identified and contributed the following COVID-19 related threat intelligence:  

  • In total, OTX members contributed 419,643 COVID-related IOCs from January to March and 16,404,579 IOCs overall.
  • OTX experienced a 2,000% month-over-month increase (+382,973) from February to March with regard to the number of COVID-related IOCs contributed to OTX.
  • Staring in February, pulses about threats using COVID-19 to lure victims began steadily increasing, spiking as of March 23 with as much as 20% of overall daily pulses relating to threats using COVID-19.
  • In the month of March, COVID-related pulses made up 5% of the overall threat pulses published to OTX by members of the community.
  • From January 1, 2020 – March 26, 2020, the community published  85,000 pulses in total, including 250 individual pulses on threats related to COVID. 

For more, click here.