In Interpol’s assessment of the situation, the following areas were highlighted:
Online Scams and Phishing – By deploying COVID-19 themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content.
Disruptive Malware – In the first two weeks of April 2020, there was a spike in ransomware attacks by multiple threat groups which had been relatively dormant for the past few months. Law enforcement investigations show the majority of attackers estimated quite accurately the maximum amount of ransom they could demand from targeted organizations.
Data Harvesting Malware – The deployment of data harvesting malware such as Remote Access Trojan, info stealers, spyware and banking Trojans by cybercriminals is on the rise. Using COVID-19 related information as a lure, threat actors infiltrate systems to compromise networks, steal data, divert money and build botnets.
Malicious Domains – Taking advantage of the increased demand for medical supplies and information on COVID-19, there has been a significant increase of cybercriminals registering domain names containing keywords, such as “coronavirus” or “COVID”. From February to March 2020, a 569 per cent growth in malicious registrations, including malware and phishing and a 788 per cent growth in high-risk registrations were detected and reported to INTERPOL by a private sector partner.
Misinformation – An increasing amount of misinformation and fake news is spreading rapidly among the public. Within a one-month period, one country reported 290 postings with the majority containing concealed malware. Other cases of misinformation involved scams via mobile text-messages containing ‘too good to be true’ offers such as free food, special benefits, or large discounts in supermarkets.
Cybercrime is big business these days and it will only get more sophisticated as time goes on. The huge spikes that we have witnessed in recent times are in direct response to the vulnerabilities which have been brought about by organisations trying to continue to function under extraordinary circumstances. Unfortunately, the more success enjoyed by cyber criminals, the more wealth and power they accumulate. This leads to yet more cutting-edge means of attack, and so the cycle goes on.
There are a various angles which MSPs use to address these threats for their clients, leading to comprehensive security stacks being deployed. However, the technical approach will never be perfect as quite often the methods used are closer to fraud than hacking. For this, there really is only one solution, and that is to train the users how to spot and then deal with such threats.
If you have not included KnowBe4 security training in your security stack yet, then you should find out more about how this can help you improve your service. Email partnersupport@brigantia.com or call Brigantia on 020 3358 0090 to find out more.
Ref. https://www.interpol.int/en/content/download/15526/file/COVID-19%20Cybercrime%20Analysis%20Report-%20August%202020.pdf
