International police body Interpol has warned that cybercriminals are taking advantage of the fear and uncertainty caused by the COVID-19 pandemic, as well as the increased number of people working from home.
“Cybercriminals are developing and boosting their attacks at an alarming pace,” said Interpol secretary general Jürgen Stock.
Its assessment of the impact of COVID-19 on cybercrime shows that criminals are shifting their focus from individuals and small businesses to major corporations, governments and critical infrastructure.
“With organisations and businesses rapidly deploying remote systems and networks to support staff working from home, criminals are also taking advantage of increased security vulnerabilities to steal data, generate profits and cause disruption,” Interpol says.
In the four-month period from January to April, one of the body’s private sector partners found around 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs - all related to COVID-19.
“The report’s findings again underline the need for closer public-private sector cooperation if we are to effectively tackle the threat COVID-19 also poses to our cyber health,” said Mr Stock.
Interpol's report found that cybercriminals had changed their usual online scams and phishing schemes, using COVID-19 themed phishing emails, often impersonating government and health authorities, to lure victims into providing their personal data and downloading malicious content.
Interpol also reported the increased use of disruptive malware against critical infrastructure and healthcare institutions, with a spike in ransomware attacks in the first two weeks of April. In these attacks, criminals demand payment from organisations in order to regain access to their data.
The police body also noted a significant increase in the amount of domain names with keywords such as ‘coronavirus’ or ‘COVID’ being registered by cybercriminals.
It also warned that misinformation and fake news had in some cases facilitated the execution of cyberattacks. “Within a one-month period, one country reported 290 postings with the majority containing concealed malware,” Interpol said.