CUSO-News---Payments-Report

close

Categories

More Tags

Subscribe to Email Updates

Popular Stories

Pay-by-Bank: Anticipating the Next Wave of Innovations
Understanding Enumeration Attacks and How to Prevent Them
Travel Disruption Just Became Easier with Visa's Digital Card Replacement
What It Means to Have a World Class NPS
Combatting AI-Powered Fraud wtih AI-Powered Fraud Prevention
Written by Cyndie Martini
on November 17, 2020

We've written many times about how cybercriminals are taking advantage of the pandemic to try and exploit bank and credit union customers. In this article, we'll step outside the scope of payments, banks, and credit unions to better understand the lengths that these criminals will go to. Better knowledge about what cybercriminals are up to will help all of us be more prepared.

Microsoft's security team has detected state-backed hackers from North Korea and Russia trying to steal valuable vaccine data from pharmaceutical companies and research labs. The US Government has also said that Chinese state-backed hackers have been targeting vaccine companies.

Microsoft said that many of the companies being targeted were located in France, India, South Korea, and the United States and were "directly involved in researching vaccines and treatments for COVID-19." The hackers target the logins of people associated with these companies, which could mean contractors and vendors. Some of the hackers' methods include:

  • Posing as job recruiters
  • Spear-phishing emails that masqueraded as missives from World Health Organization representatives

In 2019, Microsoft's security blocked over 13 million malicious and suspicious emails. The most common activities by criminals were:

  • Reconnaissance
  • Credential harvesting
  • Malware
  • Virtual Private Network (VPN) exploits

From October 2019 to July 2020, ransomware was the most common incident response. An incident response is a resolve of the breach. Meaning, people were paying ransoms to regain control of their machines. 

"They [cyber criminals] have also focused on targeting their ransomware activities toward entities that cannot afford to be offline or without access to records during critical periods of the pandemic, like hospitals and medical research institutions,” said Mary Jo Schrade, Assistant General Counsel, Microsoft Digital Crimes Unit, Asia, in regards to a recent Microsoft Defense Report.

These criminals will often choose the holidays to attack when there are fewer resources to help out.

While this article shows how the medical industry is targeted, there is plenty of valuable information for payment processors, banks, and credit unions to take from it. Careful scanning of emails, consistent updates of passwords, complex passwords, and periodic evaluation of current security practices and implementation can provide a more robust defense against these criminals.

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:

Cybersecurity

NCUA Provides a Tool for Credit Unions to Evaluate their Security

It looks like Russian hackers are back at it. Due to this threat, NCUA and several federal agencies have issued cybersec...

Cybersecurity

Even Bank-Grade Security Doesn't Prevent Hacks

Morgan Stanley is the latest victim of a supply chain hack. Given the high levels of security and encryption that banks ...

Cybersecurity

Cybersecurity Is Biggest Concern For Banks In 2021

When CSI polled banks about their most significant concern for 2021, the answer was cybersecurity at 34%, by far the lar...