Malware, Phishing

Cybersecurity super group swoops in to fight COVID-19 related hacks

You don’t tug on Superman’s cape, you don’t spit into the wind, you don’t pull the mask off the old Lone Ranger and, with apologies to Jim Croce, you don’t mess around with medical and healthcare organizations battling the coronavirus pandemic, or you’ll face the full force of the COVID-19 CTI League, a group of 400 cybersecurity volunteers from more than 40 countries who’ve pledged to fight pandemic-related hacks.

It’s tempting to drag out the popular, if tired, trope “not all superheroes wear capes” when referring to the group that includes Microsoft and Amazon and which counts in its leadership DefCon security chief Mark Rogers, a vice president at Okta, as well as Microsoft Senior Privacy Program Manager Chris Mills and Senior Security Program Manager Nate Warfield and Clearsky Cyber Security Lead Cyber Intelligence Researcher Ohad Zaidenberg.

But the COVID19-CTI website says the collaborative is simply “a community of CTI experts, Incident responders and Industry experts working to neutralize all cyber threats looking to exploit the current pandemic.” The group explained on its website that it would “identify, analyze and neutralize all threats but at this most sensitive time are prioritizing front-line medical resources and critical infrastructure.”

Members of the group will use their collective cybersecurity skills and extensive contacts to address and curb coronavirus-related hacks, including the uptick in phishing schemes.

“This is a great opportunity to support the IT security superheroes who are keeping the healthcare and critical supplies working to save lives,” said Joseph Carson, chief security scientist and Advisory CISO at Thycotic, who’s a member of thegroup and has “signed up for Cyber Volunteers 19 to help with health services in the U.K.”

Calling for the security community, “specifically those with expertise in phishing and social engineering threats needs to support the effort and be involved,” Atif Mushtaq, CEO and founder at SlashNext, said the mission’s success “would require unilateral cooperation and support from corporations, executives, employees, white hat hackers, coders, researchers, and any other security professional who could assist in the effort.”

Mushtaq said his company is looking for ways to be more involved in the initiative.

Lookout, too, sees a role for itself in this effort, said Staff Security Intelligence Engineer Apurva KumarMany competitors are happy to work with each other privately for the greater good, from both security vendors and researchers to law enforcement and CISOs from industries such as healthcare and banking,” he said. “As long as we can develop a similar coalition for these efforts I expect similar positive results.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.