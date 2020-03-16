New Cases/Deaths

Benin reported on its first case. A man tested positive after arriving from Burkina Faso, having previously visited Belgium.

Greenland confirmed its first case after an individual residing in Nuuk tested positive.

Somalia recorded its first case after an individual who recently travelled abroad tested positive.

Tanzania announced its first case after a 46-year-old woman who arrived from Belgium tested positive.

Outbreak Hot Spots Africa – new confirmed cases in the last 24 hours

Actions by Governments

Israel begins tracking phones

Israel will start tracking the mobile phones of those suspected or confirmed to have coronavirus. The decision to use the technology, intended for counter-terrorism use, was unanimously approved by the cabinet, but not put through the Knesset. Monitoring will be active for 30 days and will be used to enforce quarantine and notify those who may have come into contact with infected individuals.

New US guidelines released

Donald Trump has announced new guidelines for avoiding infection in the US, which are set to take effect for the next 15 days. Americans are being asked to avoid bars, restaurants, aged care facilities and optional travel. Gatherings of more than 10 people are discouraged and those with underlying conditions or the elderly should stay home.

UK unveils new measures to prevent infection

Key points include an increase in social distancing measures, avoiding all non-essential travel, and using the NHS only when absolutely necessary. Those with pre-existing conditions and the elderly must be particularly strict about isolating themselves. Schools will not be closed for the moment.

Border and transport-related closures

Canada will bar entry to travellers who are not Canadian citizens or permanent residents. Asymptomatic Canadians living abroad will be offered financial assistance to return home or to cover basic needs.

France has imposed a lockdown, with citizens being asked to stay home for 15 days from March 17, except for work travel, emergencies and to purchase groceries. 100,000 police are being deployed to enforce the restrictions.

The EU is moving to close external borders to the bloc for 30 days, in order to reduce the pressure on healthcare services. The proposal, put forward by EU Commission President Ursula von der Leyen, has still to be approved.

Ukraine has shut down public transport and most public spaces from March 18 until April 3. This includes automobile transport between cities, as well as subways and rail transport.

Outbreak Hot Spots Asia – new confirmed cases in the last 24 hours

Actions by Companies

Amazon to hire 100,000 additional workers in the US

Amazon has reported an increase in online sales due to the current global health situation, and is subsequently hiring 100,000 full-time and part-time workers to meet demand. They also intend to globally raise the base hourly pay-rate.

Social distancing and enhanced cleaning measures are also being implemented, in line with recommended safety precautions.

Yamaha Motor Malaysia temporarily closed

HongLeong Yamaha Motor Sdn Bhd have temporarily halted their operations until March 31st, 2020, in compliance with the government’s movement restriction order. This includes their headquarters, parts centres and branches.

Cathay Pacific selling six aircraft

Six Boeing 777-300ER planes from Cathay Pacific’s fleet are being sold to BOC Aviation, in a deal worth $703.8million USD, helping the struggling airline during the outbreak. Cathay Pacific will still be able to operate these aircraft, as they are leasing them back from BOC Aviation.

Entertainment venues closing amid outbreak

Cineworld , Odeon and Picturehouse are closing all of their cinemas across the UK and Ireland until further notice.

West End theatres in London have all announced temporary closures, in compliance with government recommendations, with no set date to reopen.

AMC are closing their US chain of cinema for at least six to twelve weeks, in compliance with the new CDC guidelines restricting group gatherings.

Regal Cinemas are closing all of their cinemas across the US until further notice.

McDonald’s closes dining rooms in the US

McDonald’s have announced the closure of their dining rooms in the US, and have asked franchisees to do the same. Starbucks, Chick-fil-A and Shake Shack have previously implemented similar measures.

Telecoms providers pledge to keep Americans connected

Dozens of telecoms providers, including AT&T, Comcast and Verizon have agreed to preserve phone and internet services for those who are out of school and work due to the outbreak. The ‘Keep Americans Connected Pledge’ will ensure that late fees and service termination will not happen for customers and businesses that fall behind in payments for the next 60 days.

Microsoft and Nordstrom close all stores

Microsoft have announced the closure of all of their stores around the world until further notice, due to health concerns.

Nordstrom have also announced a two-week closure of all of their stores in the United States and Canada, beginning on March 17th, 2020.

Drugs & Vaccines

US begins first human trial of vaccine

An experimental dose of the vaccine was administered to the first human participant at the Kaiser Permanente research facility in Seattle. The vaccine was developed by biotechnology company Moderna and the National Institutes of Health. It does not cause an infection, but instead contains harmless genetic code copied from the virus to trigger the body’s immune system. Larger trials are expected to happen later this year.

Remdesivir being tested in second round of clinical trials

The antiviral drug is being tested in five new clinical trials with first results expected in a month. It was previously tested on three individuals who had successfully recovered from the virus, albeit displaying some side effects. Remdesivir has been used in the treatment of Ebola and is described as being ‘farthest along in the development process’ compared to other potential cures.

Lancet review of coronavirus response and research gaps

Researchers have collaborated to review current measures and identify some of the gaps that need to be addressed to create an effective response to COVID-19. These include the need to validate existing tests and compare different quarantine strategies for effectiveness and social acceptability.

Cybersecurity Impact

UK National Cyber Security Centre warns of coronavirus-themed cyber attacks

The UK’s National Cyber Security Centre (NCSC) warned businesses and individuals that they have seen an increase in phishing scams and malware distribution using a coronavirus-theme. The agency stated that an increase in the outbreak’s intensity will likely correlate with a rise in attacks of this nature.

The NCSC also revealed that they have begun to take action to automatically detect and remove malicious sites that serve phishing and malware.

China and Italy targeted with coronavirus-themed email containing HawkEye Reborn

Researchers at Trend Micro identified a spam campaign that mentions a cure for coronavirus as the email subject. The message contains an attachment which is a ‘heavily obfuscated AutoIT script compiled into an executable’.

Downloading the attachment will cause the recipient’s system to become infected with the information-stealing trojan HawkEye Reborn.

APT36 spreads malware via coronavirus-themed campaign

The RedDrip team observed Pakistan-based APT36 spreading Crimson RAT via a fake coronavirus health advisory document that purports to come from the government of India. The document is delivered via a spear phishing email.

Two hidden macros in the document drop Crimson RAT, which is written in .NET and capable of stealing credentials, listing running processes, drives, and directories, retrieving files from its C2 server, and more.

APT36 is now among several APTs reportedly engaging in coronavirus-themed campaigns, including Vicious Panda, Mustang Panda, Kimsuky, Hades group, TA542, and Sweed.

TA505 deliver downloader through coronavirus themed emails

Researchers at Proofpoint reported that the financially motivated TA505 group is targeting US healthcare, manufacturing, and pharmaceutical industries with a downloader that can deliver trojans and ransomware to target machines. The downloader is distributed through emails which purport to contain advice on ‘How to protect your friends’.

TA564 also launched a campaign that targets Canadian users with the Ursnif infostealer. The malware is delivered through an email which purports to be from the Public Health Agency of Canada.

A third campaign, which has not been attributed to a particular group, targets health organisations and requests Bitcoin payments in exchange for coronavirus remedies.

Proofpoint stated that they have seen a wide variety of different attack types using a coronavirus-themed lure. The researchers said it represented the greatest collection of attack types that they had seen using a single theme ‘in years, if not ever’.

New RedLine Stealer malware delivered via coronavirus-themed email campaign

Researchers at Proofpoint discovered a new email campaign mainly targeting the healthcare and manufacturing industries in the US to deliver RedLine Stealer. It is spread via emails impersonating the Folding@home brand and asks for help in fighting coronavirus.

The email contains a link that supposedly downloads Folding@home’s legitimate distributed computing project. Once the user clicks on the link, they are redirected to the malware executable hosted on BitBucket.

RedLine Stealer is written in C# and uses SOAP for its C2 channel. The malware contains typical information stealer features, as well as the capability to download secondary payloads and advanced filtering features. A recently updated version is also capable of stealing cryptocurrency cold wallets. The researchers believe the malware to be under active development.

The malware is currently being sold on several Russian-language forums, with some advertisements appearing to sell cracked versions of RedLine Stealer.

US Health and Human Services Department hit by cyberattack

The department was hit in what is described as a ‘campaign of disruption and disinformation’ believed to have been carried out by a foreign threat actor. The US Health and Human Services’ (HHS) servers were hit millions of times over several hours in an attempt to slow its systems down, which reportedly failed.

In a tweet on March 15th, 2020, the National Security Council warned of fake messages informing users that the government was planning a two-week mandatory quarantine for the entire country. This message, spread via text, email and social media, is believed to be related to the attack on HHS.

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.