Minister for Defence Linda Reynolds announced the Australian Signals Directorate (ASD) has mobilised its offensive cyber capabilities to disrupt the foreign cyber criminals behind the spate of malicious activities that have come out of the COVID-19 pandemic. “We are hitting back through the Australian Signals Directorate (ASD), who have already successfully disrupted activities from foreign criminals by disabling their infrastructure and blocking their access to stolen information,” Reynolds said.
The ASD has engaged telecommunications firms to block and take down websites identified as malicious. The ASD’s Australian Cyber Security Centre (ACSC) is also working with Google and Microsoft to have the websites flagged as malicious, as a way of ensuring users are warned about such sites before they visit them.
Stratium Global Analysis: The ACSC has issued multiple threat alerts in an effort to raise awareness around coronavirus-themed malicious cyber activity, warning scams and phishing emails are likely to increase in frequency and severity over the coming weeks and months. Existing scam emails and texts can be easily modified with a COVID-19 theme. They’ve also published guidance for small and micro businesses on how to securely adapt to working during the COVID-19 pandemic.
ASD offensive cyber capabilities
Since early March 2020, there has been a significant increase in COVID-19 themed malicious cyber activity across Australia. There are 5 main cases of COVID-19 themed phishing and spear-phishing:
- SMS phishing campaign
- Phishing campaign impersonating Australia Post to steal personal information
- Phishing campaign pretending to be international health organisation
- COVID-19 phishing emails containing malicious attachments
- COVID-19 relief payment scam