Defense officials said Monday they are seeing a “surge” in spear phishing related to the coronavirus pandemic, as more people are teleworking from home.
“There’s been a surge of spear phishing related to COVID-19. Of course that’s not surprising because most spear phishing campaigns tend to exploit current events to produce convincing products,” said Air Force Lt. Gen. B.J. Shwedo, director for Command, Control, Communications, and Computers (C4)/Cyber, and chief information officer for Joint Staff, J6.
“These folks are very adept at capturing whatever is the current situation, and right now COVID-19 is a current emphasis item when we go across the board,” he said at a Pentagon briefing. “They get you to click on websites that redirect you to compromise yourself.”
He said the Defense Information Systems Agency continues to update its systems to block new malware and threat products.
Shwedo said the spear phishing campaign goes “across the gamut” in who it is targeting. “They’ll shotgun blast across America and everything else,” he said.
He refrained from saying who exactly at the Pentagon is being targeted, since that would give perpetrators insight into the Pentagon’s ability to track them.
“Part of having a very good active defense and being able to deploy some of the tactics and techniques that have allowed us to be able to keep our workforce working in a safe and secure manner is the fact that we don’t publish where we get the attack vectors from because that would just give insight to the adversary,” said Dana Deasy, Department of Defense chief information officer.
“The insight that we’re receiving, we’re getting better and better at getting their [tactics, techniques, and procedures], and we’re getting better at finding out where these threat vectors are coming from,” Schwedo said.