EclecticIQ
nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

EclecticIQ Pandemic Intelligence Update - Week 37

Fusion Center September 8, 2020

EclecticIQ Pandemic Threat Intelligence Update week 37

 

Key Findings
  • APT groups participate in opportunistic intelligence gathering targeting European government entities.
  • School systems remain highly vulnerable to cyberattacks during the start of the school-year as a result of increased online remote collaboration.
  • Research organizations participating in COVID-19 research face very high risk of cyberattacks on medical technology.
  • Amplification of misinformation in social media regarding COVID-19 makes it easier for threat actors to redirect victims to malicious infrastructure.
Analysis

China-linked APT Targets European Government Entities Involved in COVID-19 Public Policy.

APT group TA413 has attempted to penetrate various European government offices involved in COVID-19 public policy and economics, with lures mimicking important communications from the WHO. The attacks primarily involve the use of a remote access trojan (RAT) dubbed Sepulcher, that uses Living-off-the-Land techniques to evade detection during installation and uses encrypted C2 communications. It is likely that these operations have expanded since March 2020 and represent broader, opportunistic intelligence gathering. Many nations are preoccupied focusing on continuous developments in the pandemic.

 

Threat actors will very likely intensify attacks against school systems.

New patterns of school operation decrease the resilience of education systems against cyberattacks. As students and faculty adjust to new learning patterns induced by social distancing, it will be easier for attackers to launch social engineering attacksThreat actors will almost certainly use phishing to target students and faculty with the aim of either credential capture, or redirection to malicious websites that launch further payloads. Threat actor operations will seek to disrupt remote learning systems that include Zoom and other conferencing software. Techniques, tactics, and procedures (TTPs) are very likely to include Distributed Denial of Service (DDoS), exploitation of software vulnerabilities for unauthorized access, and exploitation of poorly protected valid accounts on remote infrastructure. Threat actors will seek to fulfill financial extortion and dystopian motivations.

 

Companies participating in COVID-19 research should remain on high alert from advanced threat actors.

Research organizations face a higher risk to attack because they are less likely to have a robust enterprise-grade security system. The highly collaborative nature of the global research effort for a COVID-19 cure creates many points between research departments, from which APT groups may attempt to steal information. State-backed groups have increased incentive to attack research as nations race to control and develop vaccine technology:

  • Moderna was attacked after it entered final-phase clinical trials for a potential vaccine in August 2020.
  • 10x Genomics had vaccine data stolen in April 2020.
  • Hammersmith Medicines Research was attacked in March 2020, but stolen data did not include any proprietary research.

 

Social media manipulation operations are becoming more sophisticated and bring risk to a growing audience.

A recent study of Twitter activity featuring COVID-19 information found that bots comprised 20%-30% of all activity that involved spreading COVID-19 misinformation. Bots increasingly operate within their own semi-autonomous networks to drive curated media distribution.  The internetworking of bot accounts mixed with human activity makes the initial seeding of material more difficult to detect.

Findings in the study are likely under representative as the data was driven and limited by “low-credibility domains” as a starting point for the research.  There are many forms of media that misinformation operations can weaponize. An earlier study of COVID-19 and “Reopen America” themes from March 2020 found that bots represented 45%-60% of all traffic across 200 million tweets

 

As Europe’s leading cyber threat intelligence company, we at EclecticIQ have decided to make use of our resources and provide the community with custom reports on threats connected to the COVID-19 pandemic throughout the duration of the crisis. This is the 25th report in a weekly series of updates to inform of important developments to COVID-19-themed attacks.

Receive all our latest updates

Subscribe to receive the latest EclecticIQ news, event invites, and Threat Intelligence blog posts.

3 more posts you might like

All Blog Posts (33)

Explore all topics

© 2014 – 2021 EclecticIQ B.V.
EclecticIQ. Intelligence, Hunting, Response.
Get demo