Senior federal government staff member’s email ‘spoofed’ in COVID-19 phishing campaign

By Shannon Jenkins

Tuesday April 21, 2020

(Image: Adobe/adimas)

The Australian Cyber Security Centre (ACSC) has ramped up its fight against malicious cyber activity to protect families, local businesses, and the health sector, according to defence minister Linda Reynolds.

Reynolds on Tuesday said the Australian Signals Directorate has been engaging with hospitals and health service providers across Australia as they respond to the coronavirus.

“Hospitals and other health care providers are on the frontline in our fight against COVID-19 and that is why we are working directly with them to reduce their risk of cyber compromise during an already very challenging period,” she said.

“The ACSC is also providing a second layer of defence in detecting malicious cyber activity on critical federal government department networks, including the Department of Health.”

She said the ACSC has also been collaborating with industry, law enforcement and government partners to identify and disrupt malicious cyber criminals offshore, who have been implementing pandemic-themed scams and phishing attacks against families and businesses.

In a threat update on Monday, the ACSC reported that since March 10, it has:

  • received more than 95 cybercrime reports about Australians losing money or personal information to COVID-19 themed scams and online frauds,
  • responded to 20 cybersecurity incidents affecting COVID-19 response services and/or major national suppliers in the current climate, and
  • disrupted over 150 malicious COVID-19 themed websites, with assistance from Google and Microsoft.

The update noted that on April 7, the ACSC received a report from a federal government department that a “senior staff member’s email was being spoofed” as part of a coronavirus-themed phishing campaign. The email contained an attachment with embedded malware that was designed to steal sensitive information such as banking usernames and passwords.

The ACSC lodged a take-down request with the domain registrar located in South Africa, and contacted Australia’s major telecommunications providers, as well as Google and Microsoft, to block the website from being accessed. The website was flagged as malicious at the browser-level.

ACSC head Abigail Bradshaw said the agency has seen the devastating impact of cybercrime, and was committing to ensuring “Australians remain safe online and our vital services are protected”.

“We are arming Australians, businesses and key sectors, like health and medical services, with information on the threats and practical assistance to enable them to better protect themselves against these global cyber criminals,” she said.

The agency has warned of new phishing campaigns that align with breaking developments — government relief payments or public health guidance, for example — within days or even hours of these announcements occurring.

The agency “strongly encourages” organisations and individuals to be aware of the threat of COVID-19 themed cybercrime activity, including “sophisticated” scams, phishing emails and malicious websites.

Read more: Commonwealth agencies ‘vulnerable to cyberthreats’, according to Australian Signals Directorate

The ASD and ACSC have been contributing cybersecurity expertise to the development of the federal government’s controversial COVID-19 tracing app.

About the author
Inline Feedbacks
View all comments
The Mandarin Premium

Insights & analysis that matter to you

Subscribe for only $5 a week


Get Premium Today