International law enforcement organization Interpol published a report Tuesday that found an “alarming rate of cyberattacks” occurring during the coronavirus pandemic, with hackers shifting their focus from individuals and small businesses to major corporate and government systems.
The report also noted a major surge in online disinformation campaigns.
Interpol researchers saw an explosion of online scams and phishing schemes, which lure victims into installing malware on their systems or revealing sensitive information by sending them fake emails. Many of the latest scams take advantage of the coronavirus by impersonating government officials and health authorities.
Hackers are also setting up a great number of malicious, virus-infested domains that lure victims by offering information about the coronavirus. Interpol said one of its private-sector research partners reported a 569 percent increase in malicious domain registrations between February and March of 2020.
“Nearly 30 percent of countries which responded to the global cybercrime survey confirmed the circulation of false information related to COVID-19 [Chinese coronavirus]. Within a one-month period, one country reported 290 postings with the majority containing concealed malware,” Interpol reported.
Another common tactic involves sending emails and text messages to victims that claim to offer food, medicine, or financial assistance to people worried about the pandemic. Fake offers of medicine were common across Asia and the Middle East. A large number of phishing emails claimed to be from government health agencies or the World Health Organization.
In Europe and the United States, hackers took advantage of the huge increase in teleworking, launching energetic campaigns against employees working from home in an effort to gain access to corporate networks.
Interpol’s private consultants identified the Business Email Compromise (BEC) as the “scheme of choice” for cyber-criminals during the pandemic. In short, BEC refers to deceiving people with emails that appear to be legitimate messages from their employers, or from companies their employers do business with.
Many BEC attacks trick the victim into electronically transferring payments to the hackers, or making online purchases and giving them control of the goods. Others are more subtle, quietly infecting home users or their company servers with data harvesting malware that can lurk unnoticed for months while it relays sensitive data back to its masters.
One unusual new “attack vector” described by Interpol involves hackers sending physical phishing mail to victims: letters mailed to targets that contain USB drives laced with malware code. Inserting such a device into a computer can bypass some of the security software that might block viruses sent by email or downloaded from malicious domains. Hackers could be gambling that people working from home during the pandemic are more willing to plug in USB drives that appear to come from their employers or business contacts.
Interpol also noticed a surge in “sextortion” — blackmailing people into providing sexual favors and dirty pictures, or using sexually explicit material stolen from computers to demand cash payments — and the sexual exploitation of children during the pandemic.
Interpol reported ransomware attacks are also on the rise after a period of relative quiet at the beginning of 2020. Ransomware involves hacking a system or infecting it with a virus that makes valuable data unrecoverable unless the hacker is paid a ransom to unlock it. Sometimes the attackers threaten to sell sensitive data on the black market unless victims pay up to retrieve it.
The top ransomware attacks of 2020 have cost victims over $144 million, with expenses ranging from investigations and network repair to simply paying the ransoms demanded by hackers. The most active ransomware operations have become sinister little corporations unto themselves, with recognizable brand names — the better to convince victims they should pay the ransoms demanded to “reputable” criminals who will return their data unharmed if their demands are met.
Interpol’s report said a troubling number of ransomware attacks have been directed at “key organizations and infrastructure required to assist in the response to Covid-19,” perhaps on the theory that victims scrambling to respond to the pandemic are more likely to pay ransoms to recover their data.
Interpol’s report concluded by calling for more data sharing and international law enforcement cooperation, especially when it comes to tracking down ransomware gangs and the proprietors of malicious domains that lure victims with promises of coronavirus assistance. Stronger public-private partnerships were also recommended to crack down on cybercrime. Interpol credited private security firms as invaluable sources of information about malicious activities.
“As COVID-19 continues to persist globally, a further increase in cybercrime is highly likely in the near future,” the report warned, adding that other forms of criminal activity are also increasing during pandemic lockdowns, putting more money into the black market and dark web for buying stolen data and financing coronavirus scams.