Kiwi company Darkscope is supporting the global fight against cybersecurity threats with about one third of the world in
lockdown and unprecedented numbers of people working from home.
Darkscope is monitoring around 280,000 variations of domain names currently, all related to COVID-19, and is providing
daily reports to multiple organisations in Europe and Australasia. Its focus is information flows and domain movements,
and finding clandestine activity related to the pandemic.
Technical Director of Darkscope, Joerg Buss, says its systems have uncovered a worrying increase in registration or
reactivation of existing so-called permutation domains that can be used for fraud, by taking advantage of people’s
hunger for the latest information.
“These domain names look like ones we are used to seeing but have different origins - this is a big risk for companies
with people not currently working under the usual corporate cybersecurity umbrella,” he says.
“An attack could be as easy as an email from a bogus domain asking the reader to click to see the latest COVID-19 stats.
This is unlikely to be stopped by an email filter and could go straight to the inbox of an employee or customer.
“If people are working from home, and don’t check the email is legitimate, there’s less chance it will be seen as an
attack.
“Phishing emails happen every day but since COVID-19 we have seen an increase in domains being registered around
keywords like pandemic, WHO, COVID-19 and other related words or phrases.
“Within the 280,000 monitored domain variations there are currently around 20,000 active COVID-19 related domain
permutations and this number is increasing all the time - it’s grown 50% in the last week,” he says.
Joerg Buss reiterates the importance of being extra vigilant at this time because teams are spread, cybersecurity is
more fragmented and when there is uncertainty people’s guards are often down, especially when they can’t easily ask a
colleague for advice:
“We are all living in strange circumstances at the moment and the last thing anyone would want is to let in a cyber
attack.
“The best advice is DON’T click on links in emails unless you are absolutely certain of who has sent it to you. A quick
phone call or text to check may take more time but is essential. If advice or updates about COVID-19 are needed, go to
trusted websites.
“The bad guys online are busy at times like this and they will take advantage wherever they can,” he warns.
Darkscope is able to deliver this type of cybersecurity intelligence by using its own AI and Deep Artificial Neural
Networks monitoring scattered over the darkweb. This is the part of the Internet that’s only accessible when using
special software, allowing users and website operators to remain anonymous or untraceable.
Darkscope is the first joint human and AI business specialising in training and using artificial intelligence to provide
assistive technology to enhance human expertise in cybersecurity. With its cutting edge systems, Darkscope is a New
Zealand based global leader in cyber intelligence solutions.