EclecticIQ
nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Pandemic Intel week 38: Shift in tactics to exploit COVID-19 themed attacks. AI and Automation, COVID-19 impact

Fusion Center September 14, 2020

EclecticIQ Pandemic Intelligence Update - Week 38

 

Key Findings
  • A change in consumer behavior witnessed that included increased personal device usage, visits to risky apps and websites, and increased sharing of managed devices.
  • Cyber criminals have leveraged information relating to the COVID-19 pandemic to  shift the way they  employ traditional  tactics, techniques, and procedures (TTPs)  like  phishing, ransomware, and malware.
  • The COVID crisis  has  prompted  companies to invest in automation and robotics to manage operations better,  with  COVID-19  as the  tipping point for intelligent  automation  of work  while also  often  facing  declining  revenue  related to  the pandemic.
Analysis

Increased personal use of managed devices exposes the organization to malicious content.

The use of managed devices for personal use has grown since the beginning of the COVID-19 pandemic, heightening organizations' exposure to malicious content. 

Netskope reports that the number of people working remotely doubled and that browsing to websites and applications with potentially malicious content has tripled.  

The lines between personal/professional use further dimmish as users share devices within their household, very likely caused by supporting remote learning at home. In the pandemic period, online education has risen to 4.5x at the beginning of the school year. Also, websites categorized as "Personal Sites & Blogs" served the most malicious content.

 

Shift in the tactics to exploit COVID-19 themed attacks.

Bitdefender reported (PDF) that cybercriminals strongly invested in phishing, ransomware, and commodity malware during the pandemic. The pandemic has changed the working style across the globe by adopting the new normal 'work-from-home', helping attackers to improve their tactics and techniques. In the last six months, Bitdefender categorized about 40% of COVID-19-themed emails as spam.  

Following the shift toward remote working, actors began exploiting home routers, IoT devices, and video conferencing applications. The Bitdefender report corroborates earlier findings that most actors are financially motivated, act opportunistically, and continuously adjust their messaging based on how the infection developed regionally. 

EclecticIQ analysts assess with high confidence that the recent resurgence of COVID-19 cases in Europe and other parts of the world will spur new COVID-19 related phishing and fraud campaigns.

 

 

Artificial Intelligence and Automation: Current and Post-COVID-19 impact.

Due to employees' unavailability during a pandemic situation, Artificial Intelligence has played a crucial role in the health sector during the COVID-19 period. 

The global response to managing the COVID-19 pandemic is defined by implementing social distancing strategies and decreasing human interference.

Hence, to reduce human contact, several AI applications has been developed, helping track, recognize, and report the virus's spread.

Positive results may present AI technologies in a new light, showing how it can assist in improving our day-to-day lives.

Although AI has a positive impact on the health sector, it could aid attacker TTPs by enabling certain attack vectors, increasing the attack surface, and/or assisting with obfuscation.

 

 

As Europe’s leading cyber threat intelligence company, we at EclecticIQ have decided to make use of our resources and provide the community with custom reports on threats connected to the COVID-19 pandemic throughout the duration of the crisis. This is the 26th report in a weekly series of updates to inform of important developments to COVID-19-themed attacks.

Receive all our latest updates

Subscribe to receive the latest EclecticIQ news, event invites, and Threat Intelligence blog posts.

3 more posts you might like

All Blog Posts (33)

Explore all topics

© 2014 – 2021 EclecticIQ B.V.
EclecticIQ. Intelligence, Hunting, Response.
Get demo