CISA and NCSC Joint Activity Alert – COVID-19 Exploited by Malicious Cyber Actors

Office of Intergovernmental Affairs

Please see the advisory below from the Cybersecurity and Infrastructure Security Agency (CISA) regarding a joint activity alert on COVID-19 exploitations by malicious cyber actors, found here.  

As the nation and the world continues to fight against this newest coronavirus, COVID-19— the Cybersecurity and Infrastructure Security Agency (CISA) continues to monitor how the crisis is affecting the American public on the cybersecurity and infrastructure security front.   

Today, CISA and United Kingdom’s National Cyber Security Centre issued an activity alert titled, COVID-19 Exploited by Malicious Cyber Actors. This joint alert seeks to address the growing use of COVID-19-related themes by malicious cyber actors and it can be found here:

CISA and NCSC see the surge of reporting about malicious cyber activity using COVID-19 to prey on people’s goodwill, curiosity and concern, and exploit organizations that establish remote work options.  Specifically, this alert discusses the exploitation of virtual private networks, phishing email and text messages about COVID-19, and websites deceptively advertised as COVID 19 sites.  

CISA is sharing this information to help you and your team effectively assess your cybersecurity posture and ensure appropriate mitigation is in place. The alert provides many resources to help detect and prevent COVID-19 malicious activity on your networks. Industry partners played a key role in helping CISA and NCSC teams determine which IOCs to include in this alert and they continue to be integral to CISA’s mission as the nation’s risk advisor.  

CISA encourage you to share this alert with anyone who might be able to use it. CISA will continue to keep you updated as more information becomes available.  For authoritative information and resources on COVID-19 — including situation reports, guidance, and more, visit the CDC’s website and