Cybersecurity experts come together to fight coronavirus-related hacking

One of four initial managers of the effort, Marc Rogers, said the top priority would be working to combat hacks against medical facilities and other frontline responders to the pandemic.

An international group of nearly 400 volunteers with expertise in cybersecurity formed on Wednesday to fight hacking related to the novel coronavirus.

Called the Covid-19 CTI League, for cyber threat intelligence, the group spans more than 40 countries and includes professionals in senior positions at such major companies as Microsoft Corp and Amazon.com Inc .

One of four initial managers of the effort, Marc Rogers, said the top priority would be working to combat hacks against medical facilities and other frontline responders to the pandemic. It is already working on hacks of health organizations. Also key is the defense of communication networks and services that have become essential as more people work from home, said Rogers, head of security at the long-running hacking conference Def Con and a vice president at security company Okta Inc.

ALSO READ: Coronavirus: IT firms ask clients abroad to allow staff to work from home

The group is also using its web of contacts in internet infrastructure providers to squash garden-variety phishing attacks and another financial crime that is using the fear of Covid-19 or the desire for information on it to trick regular internet users. "I've never seen this volume of phishing," Rogers said. "I am literally seeing phishing messages in every language known to man."

Phishing messages try to induce recipients to enter passwords or other sensitive information on websites controlled by the attackers, who then use the data to take control of bank, email or other accounts.

Rogers said the group had already dismantled one campaign that used a software vulnerability to spread malicious software. He declined to provide details, and said that in general the group would be reluctant to reveal what it was fighting. Rogers said law enforcement had been surprisingly welcoming of the collaboration, recognizing the vastness of the threat.

UN probing 35 N Korea cyberattacks in 17 countries; India 2nd-most affected

Neighbouring South Korea was hardest-hit, the victim of 10 North Korean cyberattacks, followed by India with three attacks, and Bangladesh and Chile with two each.

Business Standard : UN experts say they are investigating at least 35 instances in 17 countries of North Koreans using cyberattacks to illegally raise money for weapons of mass destruction programs and they are calling for sanctions against ships providing gasoline and diesel to the country.

Last week, The Associated Press quoted a summary of a report from the experts which said that North Korea illegally acquired as much as $2 billion from its increasingly sophisticated cyber activities against financial institutions and cryptocurrency exchanges.

The lengthier version of the report, recently seen by the AP, reveals that neighbouring South Korea was hardest-hit, the victim of 10 North Korean cyberattacks, followed by India with three attacks, and Bangladesh and Chile with two each.

Thirteen countries suffered one attack Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia and Vietnam, it said.

The experts said they are investigating the reported attacks as attempted violations of UN sanctions, which the panel monitors.

The report cites three main ways that North Korean cyber hackers operate. One is attacks through the Society for Worldwide Interbank Financial Telecommunication or SWIFT system used to transfer money between banks, "with bank employee computers and infrastructure accessed to send fraudulent messages and destroy evidence."

The other two are, theft of cryptocurrency "through attacks on both exchanges and users", and "mining of cryptocurrency as a source of funds for a professional branch of the military".

Experts stressed that implementing these increasingly sophisticated attacks "is low risk and high yield," often requiring just a laptop computer and access to the internet.

The report to the Security Council gives details on some of the North Korean cyberattacks as well as the country's successful efforts to evade sanctions on coal exports in addition to imports of refined petroleum products and luxury items including Mercedes Benz S-600 cars.

One Mercedes Maybach S-Class limousine and other S-600s, as well as a Toyota Land Cruiser, were transferred from North Korea to Vietnam for last February's summit between the country's leader Kim Jong Un and the US.