Called the COVID-19 CTI League, for cyber threat intelligence, the group spans more than 40 countries and includes professionals in senior positions at such major companies as Microsoft Corp (MSFT.O) and Amazon.com Inc (AMZN.O).
One of four initial managers of the effort, Marc Rogers, said the top priority would be working to combat hacks against medical facilities and other frontline responders to the pandemic. It is already working on hacks of health organizations.
Also key is the defense of communication networks and services that have become essential as more people work from home, said Rogers, head of security at the long-running hacking conference Def Con and a vice president at security company Okta Inc OKTA.o.
The group is also using its web of contacts in internet infrastructure providers to squash garden-variety phishing attacks and another financial crime that is using the fear of COVID-19 or the desire for information on it to trick regular internet users.
“I’ve never seen this volume of phishing,” Rogers said. “I am literally seeing phishing messages in every language known to man.”
Phishing messages try to induce recipients to enter passwords or other sensitive information on websites controlled by the attackers, who then use the data to take control of bank, email or other accounts.
Rogers said the group had already dismantled one campaign that used a software vulnerability to spread malicious software. He declined to provide details, and said that in general the group would be reluctant to reveal what it was fighting.
Rogers said law enforcement had been surprisingly welcoming of the collaboration, recognizing the vastness of the threat.
Rogers is a UK citizen based in the San Francisco Bay Area. Two other group coordinators are American, and one is Israeli.
“I have never seen this level of cooperation,” Rogers said. “I hope it continues afterwards, because it’s a beautiful thing to see.”