The Centre’s nodal cybersecurity agency CERT-In (Indian Computer Emergency Response Team) issued an advisory that there could be a large-scale cyber attack, and attackers may use COVID-19 as bait.
In its advisory, CERT-In said that the e-mails will impersonate local authorities disseminating COVID-19 related support initiatives.
“The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded Covid-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information,” it stated.
CERT-In issued advisory on COVID 19-related Phishing Attack Campaign by Malicious Actors. pic.twitter.com/x8WO3TseCM
— CERT-In (@IndianCERT) June 20, 2020
They said that government agencies, departments and trade associations, which are involved in disbursing government aid, can be impersonated.
“The malicious actors are claiming to have two million individual/citizens’ email IDs and are planning to send emails with the subject: free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information,” it added.
According to the Centre’s advisory, the emails could be sent from ids such as ncov19@gov.in.
Cybersecurity firm CYFIRMA said that they have been tracking the North Korean hacker group Lazarus group. In October 2019, there was a cyberattack on the systems Kudankulam Nuclear Power Plant using malware for data extraction, which cybersecurity experts had then said was linked to the Lazarus group.
CYFIRMA also said that six nations that have announced significant fiscal support due to the pandemic are being targetted by the attackers.
The firm’s CEO Kumar Ritesh told the Hindustan Times that the damage in a case like this could be immeasurable and that when personally identifiable information is stolen, impersonation will take place.
“When PII (personally identifiable information) is stolen, impersonation will take place where hackers can use your identity to commit all sort of crimes, or infiltrate corporate systems. For this particular phishing campaign, hackers are looking personal details, PAN number, communication address or certain health conditions,” he told the newspaper.
CERT-In said that people must not open attachments or click URLs in unsolicited emails. People must check the URL before clicking it, and not submit personal information to unknown websites.