The race to slow the spread of the coronavirus in the United States is placing an unprecedented burden on the country’s cyber infrastructure, potentially making it as vulnerable as it has ever been. At issue are the U.S. government agencies, thousands of businesses and millions of Americans, who suddenly have been forced to telework and rely on the security of their internet connections and good cyber hygiene, to keep businesses and services running. The result, some officials warn, is an opening for anyone who would like to strike a virtual blow. “We’re mindful that our adversaries often see opportunity in situations like these,” a U.S. official told VOA on the condition of anonymity, given the sensitive nature of the subject. Both the FBI and private cybersecurity firms warn the assault is already well underway. “We’re seeing a significant amount of threat in email, leveraging social engineering at scale to do a variety of attacks,” said Sherrod DeGrippo, senior director of threat research and detection at Proofpoint. Watch out for emails claiming to be from the One of the large video screens is checked in the Department of Homeland Security’s National Cybersecurity and Communications Integration Center in Arlington, Virginia, Aug. 22, 2018. Cyberattack amid a pandemic Those fears were front and center Monday when officials confirmed there had been a “cyber incident” involving networks belonging to the U.S. Department of Health and Human Services (HHS), which has been playing a key role in the government’s coronavirus response. HHS officials say despite the attack, none of their systems have been penetrated and that no information was compromised. Security officials have yet to assign any responsibility for the attack, though they are looking at whether a state actor may be to blame. In the meantime, there is concern that additional attacks, whether targeting the country’s cyber infrastructure, government health agencies or even medical manufacturers, are likely. “Supply chains are global. So, if you somehow can interfere or affect those supply chains, that causes some issues that we haven’t had to deal with before,” said Stuart Brotman, a fellow in the Science and Technology Innovation Program at The Wilson Center in Washington. “That would have a major impact on being able to confront the virus,” he added. U.S. officials and independent experts admit that for most state actors, such an attack would come with substantial risk, as many countries are also battling the coronavirus pandemic. Rogue actors, like criminal syndicates or North Korea, which has shown a willingness to attack companies like Sony and banks around the world, might be tempted, they say. The bigger concern, though, is that some U.S. adversaries may see this as a chance to ramp up other cyber campaigns, like attempts to meddle in the upcoming presidential election, while U.S. officials focus on stopping the virus’s spread. “Clearly, we are in this critical electoral moment which happens to overlap with COVID-19,” said Brotman. “So, now if you were on the other side trying to figure out how do we create some immediate pain, you would want to take both of those elements and put them together.” Despite the myriad vulnerabilities, U.S. officials are not giving up, encouraging government agencies and the private sector to do what they can to improve their cybersecurity posture. As the #COVID19 situation evolves, many organizations are exploring telework options for staff. Here’s some guidance to help organizations take appropriate #cybersecurity measures: https://t.co/6GboT4YlSp#CoronaViruspic.twitter.com/NB2xKzDTBG— Cybersecurity and Infrastructure Security Agency (@CISAgov) March 18, 2020“In this kind of condition, where you’re expanding your network, relying more and more on digital connectivity, it’s never too late,” Mark Montgomery, executive director of the U.S. Cyberspace Solarium Commission, told VOA. “The consequences are higher now,” he said. “If they take action now, they still have time to make an impact.”
…