Cybercrime is growing at an “alarming pace” as a result of the ongoing COVID-19 crisis and is expected to accelerate even further, a new report from INTERPOL has found.
It revealed the extent to which cyber-criminals are taking advantage of the increasing reliance on digital technology over recent months. This includes the rapid shift to home working undertaken by many organizations, which has involved the deployment of remote systems and networks, often insecurely.
Based on feedback from member countries, INTERPOL said that during the COVID-19 period, there has been a particularly large increase in malicious domains (22%), malware/ransomware (36%), phishing scams/fraud (59%) and fake news (14%).
Threat actors have revised their usual online scams and phishing schemes so that they are COVID-themed, playing on people’s economic and health fears.
The report also found that cyber-criminals have significantly shifted their targets away from individuals and small businesses to major corporations, governments and critical infrastructure.
Jürgen Stock, INTERPOL secretary general, said: “Cyber-criminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.
“The increased online dependency for people around the world is also creating new opportunities, with many businesses and individuals not ensuring their cyber-defenses are up-to-date.”
The study added that “a further increase in cybercrime is highly likely in the future.” This is primarily due to vulnerabilities related to remote working, a continued focus on COVID-themed online scams and, if and when a vaccination becomes available, another spike in phishing related to medical products.
Responding to the findings, Brian Honan, CEO of BH Consulting, said: “The COVID-19 pandemic is providing criminals with many opportunities as outlined in the INTERPOL report. Indeed, many organizations may be at increased risk of ransomware attacks due to having opened up remote access solutions, such as VPNS, to support remote working.
“These remote access points may not be properly configured and secured or, due to IT teams operating remotely, may not have the latest patches installed. In addition, staff may have had to use their own personal devices from home to work remotely which in turn poses challenges from a security point of view with regards to how to ensure those devices are secure.”
Jonathan Miles, head of strategic intelligence and security research at Mimecast, added: “It is important that organizations migrate away from a ‘keeping the lights on’ mentality and prioritize cybersecurity, especially at a time when threats aimed at a dispersed workforce are increasing. Failing to do so can lead to issues such as organizational downtime, data loss and a negative impact on employee productivity.”