Defying Cyberattacks in the Time of Coronavirus

The time of Coronavirus brings about not only increase use of technology, but also an explosion of cybersecurity incidents. Govtech reports on the concerning magnitude of cyberattacks:

· "Cyberattacks on the rise during the Covid-19 pandemic"

· Government Technology: "How Is Covid-19 Creating Data Breaches?"

· BBC: "Coronavirus: How the world of work may change forever"

· "INTERPOL report shows alarming rate of cyberattacks during COVID-19"

· "Ransomware surge imperils hospitals as pandemic intensifies"

· PR Newswire: "Top Cyber Security Experts Report: 4,000 Cyber Attacks a Day Since COVID-19 Pandemic"

· ZDNet: "COVID-19 pandemic delivers extraordinary array of cybersecurity challenges"

· Maritime Executive: "Maritime Cyberattacks Up by 400 Percent"

Most prominent is Evil Corp, a Russian cybercrime syndicate., which installs Ransomware in hundreds of US major companies, crippling healthcare, finance, oil supply and even governmental institutions:

· CNA Financial Paid Evil Hackers $40 Million in Ransom

· St. Joseph's Candler Ransomware Attack

· JBS Cyberattack

It becomes imperative that the public receives information and education during this time to defy the malicious attacks.

From data breaches to ransomware and from online fraudulent activities to election security, new challenges call for necessary preventive measures on every level. First, know what you need to prevent; know that there are four kinds of attacks:

· Network Security Attacks

· Wireless Security Attacks

· Malware Attacks

· Social Engineering Attacks

However complicated and sophisticated cyberattacks may be, we can always start with ourselves to practice safe digital behavior.

· Safeguard and secure information -- Back up files.

· Double-check website safety – Enter only secure webpages.

· Keep your software and systems updated.

· Delete spam.

· Disable third-party components to prevent infiltration.

· Browse/click on only trusted webpages/links.

· Perform regular scans and cleaning.

· Use Domain-Based Message Authentication, Reporting and Conformance (DMARC).

· Use multi-factor authentication (MFA).

From individuals, communities, companies, to governments, we need to work together to raise awareness about cybersecurity. Organizations need to do the following:

· Developing cyber security policies

· Implementing security awareness training

· Installing spam filters and anti-malware software

· Deploying Next-Generation Firewalls (NGFW)

· Installing endpoint detection & response (EDR)

Whatever we do, however we work, stay vigilant. And hopefully with efforts from all sides, we can begin to defy cyberattacks in the time of coronavirus.


新型冠状病毒时期不仅带来了技术使用的需求增加,还带来了层出不穷的网络安全攻击事件。 Govtech 报告了有关网络攻击的严重程度:


• 政府技术:“新型冠状病毒如何造成数据泄露?”

• BBC:“冠状病毒:工作情况将如何永远改变”

•“INTERPOL 报告显示新型冠状病毒期间网络攻击的速度惊人”


• 美通社:“顶级网络安全专家报告:自新型冠状病毒流行以来,每天发生 4,000 次网络攻击”

• ZDNet:“新型冠状病毒流行带来一系列非凡的网络安全挑战”

• 海事执行官:“海上网络攻击增加 400%”

恶名昭彰的俄罗斯网络犯罪集团 Evil Corp在数百家美国大公司中安装了勒索软件,削弱了医疗保健、金融、石油供应甚至政府机构的安全运作能力:

• CNA Financial 向邪恶网络黑客支付了 4000 万美元的赎金

• St. Joseph's Candler 勒索软件攻击

• JBS 网络攻击



• 网络安全攻击

• 无线安全攻击

• 恶意软件攻击

• 社会工程性攻击


• 保护信息—备份文件。

• 仔细检查网站安全—仅登入安全网页。

• 保持软件和系统更新。

• 删除垃圾邮件。

• 禁用第三方组件以防止渗透。

• 仅浏览/点击受信任的网页/链接。

• 执行定期扫描和清洁。

• 使用身份验证、报告和信息一致性作业 (DMARC)。

• 使用多重身份验证 (MFA)。


• 制定网络安全政策

• 实施安全意识培训

• 安装垃圾邮件过滤器和反恶意软件

• 部署下一代防火墙 (NGFW)

• 安装端点检测和响应 (EDR)