A 400-strong international group of volunteers with expertise in cybersecurity was formed to fight hacking related to the novel coronavirus.
Called the COVID-19 CTI League, for cyber threat intelligence, the group spans more than 40 countries and includes professionals in senior positions at major companies including Microsoft Corp and Amazon.com.
One of four initial managers of the effort, Marc Rogers, said the top priority would be working to combat hacks against medical facilities and frontline responders to the pandemic. It is working on hacks of health organisations.
Also key is defence of essential communication networks and services as more people work from home, said Rogers, head of security at the long-running hacking conference Def Con and a vice president at security company Okta.
The group is using its web of contacts in internet infrastructure providers to squash garden-variety phishing attacks and other financial crime using the fear of COVID-19 or the desire for information to trick regular internet users.
“I’ve never seen this volume of phishing,” Rogers said. “I am seeing phishing messages in every language known to man.”
Phishing messages try to induce recipients to enter passwords or sensitive information on websites controlled by attackers, who use the data to control bank, email or other accounts.
Rogers said the group dismantled a campaign using a software vulnerability to spread malicious software. He declined to provide details and said in general the group would be reluctant to reveal what it was fighting.
Rogers said law enforcement was surprisingly welcoming of the collaboration, recognising the vastness of the threat.
Rogers is a UK citizen based in the San Francisco Bay Area. The other group co-ordinators are American with the fourth Israeli.
“I have never seen this level of co-operation,” Rogers said. “I hope it continues afterwards, because it’s a beautiful thing to see.”