On April 21st, 2020 the zvelo Cybersecurity Team was invited to present at the inaugural “Lockdown Lunch & Learn” hosted by the Military Cyber Professionals Association (MCPA). The MCPA is a 501c3, non-profit focused on military cyber operations for members of the Armed Forces, Veterans, Department of Defense Civilians, and contributors to this unique community as a whole. MCPA has more than 2,500 members nationwide and chapters around the globe.
From zvelo, Head of Cybersecurity Brad Rhodes presented current research on the recent rash of coronavirus and covid-19 related domain registrations tied to the ongoing global pandemic. Brad is a member of the MCPA serving on the National Staff for conferences and activities. He is also a Lieutenant Colonel in the Colorado Army National Guard, where he is currently leading Cyber Warfare professionals in national-level exercises. Brad is an Operation Iraqi Freedom, Operation Enduring Freedom (Afghanistan), and Task Force Echo (Cyber Ops) veteran.
The event was kicked off with a video introduction by Master Gunnery Sergeant Scott Stalker, the Senior Enlisted Leader at the United State Cyber Command and National Security Agency. Master Gunnery Sergeant Stalker highlighted challenges faced in cyberspace including both cyber criminals and nation state actors looking to take advantage of the current pandemic and impacting everyday citizens. From zvelo, Brad Rhodes provided an overview of the trends observed in recent domain registrations including: geographically-focused suspect domains, delivery of malicious content (using “whitelisted sites”, herding, and online forms sites), domain ages, and malware delivery via third party content. Additional insights included recommended tools to use and the continuing registration of domains related to the pandemic. Specifically, as of April 20th one of larger top-level domains (TLD) showed over 8000+ coronavirus and covid related domains alone.
“This was a great opportunity to share current happenings with professionals on the cyber ‘frontlines’,” Rhodes said. He continued, “Sharing this kind of research benefits everyone operating in the cyber domain. The bad guys do it well, we need to do the same.” Look for additional presentations from Team zvelo at upcoming online conferences and hopefully future in-person events. Our mission to help make the internet safer for everyone and it starts with sharing and collaborating at the grassroots level!
