Press release

UK condemns cyber actors seeking to benefit from global coronavirus pandemic

Foreign Secretary warns hostile cyber actors against using a global pandemic for their own malicious ends.

This was published under the 2019 to 2022 Johnson Conservative government

The Foreign Secretary has called for an end to cyber attacks by hostile actors who are using the coronavirus (COVID-19) pandemic as an opportunity to carry out malicious cyber activity, including targeting medical facilities around the world.

This follows a joint advisory today (5 May) by the UK’s National Cyber Security Centre (NCSC) and the US’s Cybersecurity and Infrastructure Security agency (CISA) exposing malicious cyber campaigns targeting international healthcare and medical research organisations involved in the coronavirus response, and giving advice on how to stay safe online.

Attacks by state and non-state actors seeking to undermine the global response to this unprecedented global health crisis endanger lives. International law and the norms of responsible state behaviour must be respected and all states have an important role to play to help counter irresponsible activity being carried out by criminal groups in their countries. Our support for the most vulnerable extends to cyberspace.

The NCSC has advised staff at healthcare and medical research organisations to change and strengthen passwords that could be easily guessed and implement two-factor authentication to reduce the threat of compromises.

Foreign Secretary, Dominic Raab, said:

It is completely unacceptable that malicious cyber actors are targeting those working to overcome the coronavirus pandemic around the world, from experts working on the global health response to hospitals and healthcare systems.

The effects of these cyber attacks are potentially life-threatening as they disrupt and put pressure on organisations and individuals working hard to save lives.

The UK will continue to counter those who conduct reckless cyber attacks for their own malicious ends. We are working closely with our allies to hold the perpetrators to account and deter further malicious cyber activity around the world.

Background

  • the UK’s National Cyber Security Centre (NCSC) has identified that an increasing number of malicious cyber actors are exploiting the current COVID-19 pandemic for their own objectives. APT groups and cyber criminals are targeting individuals, small and medium-size businesses and large organisations with COVID-19 related scams and phishing emails

  • today, the NCSC and the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint alert exposing malicious cyber campaigns targeting international healthcare and medical research organisations involved in the coronavirus (COVID-19) response, and giving advice on how to stay safe online

  • the UK’s National Cyber Security Centre (NCSC) has produced practical advice for individuals and organisations on how to deal with COVID-19 related malicious cyber activity

  • as cyberspace is essentially borderless, any mitigations or solutions need to be international – it is a foreign policy issue as much as a technical one. The UK works with the EU, NATO, the OSCE, the UN, and bilaterally with countries around the world to respond to and deter malicious cyber activity

Further information

Media enquiries

For journalists

Updates to this page

Published 5 May 2020