Narrative Threat Briefing Document Provides Context on Related Threat Actors and Campaigns
REDWOOD CITY, Calif.—March 24, 2020—In response to the growing threat of Coronavirus (COVID-19)-themed cyberattacks, Anomali, a leader in intelligence-driven cybersecurity solutions, today publicly released over 6,000 open source Indicators of Compromise (IOCs) that were collected, curated, and validated by Anomali researchers. In addition, Anomali has also released a related Threat Bulletin providing a narrative description of the attacks being seen. This actionable threat intelligence, which identifies COVID-19-related threats and the malicious actors looking to capitalize on the pandemic, is available now for organizations to immediately feed into their cybersecurity technologies to rapidly and proactively block the identified threats.
- For Anomali customers - the Anomali COVID-19 Campaign Threat Model and COVID-19 Threat Bulletin are automatically available for use by organizations with access to Anomali ThreatStream—including all of Anomali’s enterprise clients and over 2,000 organizations participating in threat intelligence-sharing communities powered by Anomali.
- For other organizations - Anomali have made static versions of this threat intelligence available for download.
Anomali researchers found 6,200 Indicators of Compromise (IOCs) and at least 15 distinct campaigns associated with 11 threat actors or groups distributing 39 different malware families using 80 various MITRE ATT&CK techniques. Given the spike in malicious activity related to COVID-19, combined with governments and businesses enforcing social distancing and remote work, we assess the threat presented by COVID-19-related phishing campaigns against public and private enterprises will continue to rise. This graphic provides a chronology of COVID-19-related cyber activity.
“Anomali recognizes this pandemic as a particularly stressful time for cybersecurity experts already burdened with the fears we are all facing. With that in mind, we want to ensure the widest dissemination of this vital threat intelligence, regardless of whether organizations are our current clients,” said Hugh Njemanze, CEO of Anomali.
For more information on the COVID-19 threat intelligence provided by Anomali, please check out our blog.
Anomali® delivers intelligence-driven cybersecurity solutions. Our solutions include Anomali ThreatStream®, Anomali Match™, and Anomali Lens™. Private enterprises and public organizations use Anomali to harness threat data, information, and intelligence to make effective cybersecurity decisions and detect and respond to threats. Anomali customers include more than 2,300 global organizations, many of the Global 2000 and Fortune 500, and large government and defense organizations around the world. Founded in 2013, it is backed by leading venture firms including GV, Paladin Capital Group, Institutional Venture Partners, and General Catalyst. Learn more at staging.anomali.com.
Anomali Media Contact: