INTERPOL has completed an assessment of the impact of COVID-19 on cybercrime and has found a major increase in attacks during the pandemic, with cybercriminals shifting their focus from targeting individuals and small businesses to attacking large corporations, critical infrastructure, and government agencies.
With many countries implementing lockdowns to curb COVID-19 infections, businesses have been forced into allowing virtually of their employees to work from home. They have had to implement remote working solutions to support those at-home workers, and the speed at which those systems have had to be implemented has meant security vulnerabilities have been introduced. Those vulnerabilities are being sought and exploited by cybercriminals.
“The increased online dependency for people around the world, is also creating new opportunities, with many businesses and individuals not ensuring their cyber defenses are up to date,” explained INTERPOL in its report.
The reliance on the Internet and digital technologies during the pandemic has been exploited by cybercriminals and attempted attacks have increased significantly. Malicious domains are up 22%, phishing scams have increased by 59%, malware and ransomware attacks are up 36%, and there has been a 14% increase in fake news. Between January and April, one of INTERPOL’s partners detected around 907,000 spam emails related to COVID-19, 737 incidents involving malware, and 48,000 malicious URLs linked to COVID-19.
Cybercriminals have embraced the pandemic and have taken advantage of the interest in information about COVID-19 and have repurposed their infrastructure to send out COVID-19 and SARS-CoV-2 themes phishing lures. Cybercriminals have been impersonating government agencies and health authorities to fool people into thinking their phishing campaigns and scams are genuine.
Disruptive ransomware attacks have also increased. Even threat groups that have been relatively dormant for months have sprung back into action and have taken advantage of the pandemic to conduct new campaigns. The use of remote access Trojans, spyware, information stealers and banking Trojans has also increased, with COVID-19 used as a lure to get people to open malicious email attachments and inadvertently install the malware.
Between February and March 2020, there was a 569% increase in malicious domain registrations and 788% growth in high-risk registrations, according to one INTERPOL partner. Those domains have been used for phishing, distributing malware, and for a wide range of scams, including the sale of fraudulent medical commodities such as PPE.
The increase in cybercrime is not expected to stop. INTERPOL has warned there are likely to be further increases in cybercriminal activity in the near future, with cybercriminals not only stepping up their activities but also developing more advanced and sophisticated attacks, especially with a view to obtaining information on vaccines for SARS-CoV-2.