Nearly 400 volunteers with expertise in cyber-security formed an international group in order to fight to hack related to the novel coronavirus. Named the group — COVID-19 CTI League, for cyber threat intelligence, includes professionals from more than 40 countries and from senior positions at major companies such as Microsoft and Amazon.com.
Marc Rogers — the head of security at the long-running hacking conference Def Con and a vice president at security company Okta, as well as one of four initial managers of the initiative, said the top priority would be working to combat hacks against healthcare and other frontline responders to the pandemic. It is already working on hacks of health organizations. Also key is the defence of communication networks and services that have become essential as more people work from home, said Rogers.
The group is also using its web of contacts in internet infrastructure providers to squash garden-variety phishing attacks and another financial crime that is using the fear of COVID-19 or the desire for information on it to trick regular Internet users.
Rogers said, ”I’ve never seen this volume of phishing, and now I am literally seeing phishing messages in every language known to man.” Phishing messages are directed towards inducing users to enter sensitive information on websites which are then controlled by the attackers, who then use the information shared to take control of bank, email or other accounts.
Rogers, without providing many details, claimed that the group had already dismantled one campaign that used a software vulnerability to spread malicious software. According to Rogers, law enforcement has been welcoming of the collaboration, recognising the vastness of the threat.
“I have never seen this level of cooperation,” Rogers said. “I hope it continues afterwards because it’s a beautiful thing to see.”