The presence of the novel coronavirus has been confirmed in the UK for the first time, but as fear grows about the risk of catching the disease, opportunistic cybercriminals are using the crisis to spread malware.
Today the UK’s chief medical officer, Chris Whitty, confirmed that two people from the same family had tested positive for coronavirus.
“The patients are receiving specialist NHS care, and we are using tried and tested infection control procedures to prevent further spread of the virus,” he said, confirming that the patients were located in England.
He also stressed that the country was well-prepared to handle the disease and limit the chances of a wider outbreak. This means that despite the concern that this will naturally produce, UK citizens should not be overly concerned about getting coronavirus.
“The NHS is extremely well-prepared and used to managing infections and we are already working rapidly to identify any contacts the patients had, to prevent further spread,” he said.
“We have been preparing for UK cases of novel coronavirus and we have robust infection control measures in place to respond immediately.”
Coronavirus and cybercrime: Why UK citizens should be more concerned about malware
A far greater threat than the coronavirus itself is malware that is already being spread in other parts of the world using fear surrounding the disease.
In Japan, where the first case was confirmed on 15 January, emails have begun circulating that appear to be warnings about the coronavirus outbreak from an official government body.
The emails themselves have a word document as an attachment, with an urgent-sounding name that encourages the recipient to open it. However, when they do, they see a message that looks like it is from Office 365 encouraging the user to change their settings so the document is not in protected view.
Doing this does not provide any new information about coronavirus or anything else, but it does launch an extremely malicious malware known as Emotet, which is designed to steal financial data, banking logins and other valuable personal information.
Emotet has been around for some while, and it is becoming increasingly common for attackers to use current news events to lure victims into allowing it to install.
“After a brief recess around Christmas and New Year, Emotet is very much back as the behemoth of email malware,” said Mollie MacDougall, threat intelligence manager at Cofense.
“We’re constantly seeing the operators utilise new custom-created templates that shift with the news agenda and time of year, with notable examples including a Christmas party, Halloween party and some related to Greta Thunberg. We will also see current events related language embedded in malware executables to make malicious attachments appear benign to traverse perimeter defence technologies.”
Now the UK has confirmed cases of coronavirus, the risk of UK citizens being targeted by malware related to it has significantly increased. Be very wary of any apparent warning emails about the disease, and do not open email attachments from unfamiliar sources.