The Telco Security Alliance (TSA) is formed by AT&T (AT&T Cybersecurity), Etisalat (HelpAG), Singtel (Trustwave), SoftBank, and Telefónica (ElevenPaths). The TSA aims to offer enterprises comprehensive cybersecurity insights to help them address the threat of cyberattacks and the evolving threat landscape.
Three members of the TSA have joined together to create this report through their respective cybersecurity and threat intelligence units and companies: AT&T Cybersecurity (AT&T Alien Labs), Singtel (Trustwave) and Telefónica (ElevenPaths). The report covers noteworthy discoveries related to COVID-19 in the cyber domain.
From ElevenPaths, the experts that have participated in the report are Miguel Ángel de Castro, José Ramón Palanco, Helene Aguirre Mindeguia and Sebastián García de Saint-Léger.
Abuse of COVID-19 in the cyber domain
The cyber threat landscape has evolved quickly since the start of the COVID-19 pandemic, shifting attacks to a new tempo and success potential. Along with many in the cybersecurity community, TSA members have observed a sharp increase in malicious activity taking advantage of the pandemic while nations and organizations are at their most vulnerable. These adversaries are increasingly seeking to opportunistically benefit financially, gain unauthorized access to networks for immediate and long-term strategic benefit, and spread misinformation with political agendas. The three members of the Alliance participating in this report investigated multiple threat actors (from crimeware to nation states) who are continuing or increasing attacks during the pandemic against private organizations and government agencies.
Criminal organizations and nation states have historically taken advantage of large-scale events, using social unrest, fear, and confusion to their advantage. However, the global impact of COVID-19 has raised the bar in attack operational value. The extent to which threat actors are using it in campaigns may ebb and flow over the next 12 months, however it’s not likely that COVID-related threats will be going away anytime soon. This report provides insight into a few of the threat actors and campaigns that have been active in the last few months.
Full report available here: