By Sumit Kumar Singh
Online sale of fake medical supplies, drugs and personal protective equipment, and exploitation of teleconference tools are the major Covid-19 cybercrime trends in Asia, said Interpol in a report released.
The ‘Covid-19 Cybercrime Analysis Report – August 2020’, which assesses the impact of the coronavirus pandemic on cybercrime, also stated: “Circulation of fake news and misinformation related to Covid-19 has been reported by most ASP (Asia and South Pacific) member countries.”
It also pointed out that major challenge in Asia was lack of cyber-security awareness and ‘hygiene’.
The assessment of the impact of Covid-19 on cybercrime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure, it said.
The report also stated that as organisations and businesses are rapidly deploying remote systems and networks to support staff working from home, cybercriminals are taking advantage of increased security vulnerabilities to steal data, generate profits and cause disruption.
In one four-month period (January to April) some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs – all related to Covid-19 – were detected by one of Interpol’s private sector partners.
“Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by Covid-19,” Interpol Secretary General Jurgen Stock said in a statement.
“The increased online dependency for people around the world, is also creating new opportunities, with many businesses and individuals not ensuring their cyber defences are up to date. The report’s findings again underline the need for closer public-private sector cooperation if we are to effectively tackle the threat Covid-19 also poses to our cyber health,” he said.
Interpol stated that the threat actors have revised their usual online scams and phishing schemes.
By deploying Covid-19-themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content.
“Around two-thirds of member countries which responded to the global cybercrime survey reported a significant use of Covid-19 themes for phishing and online fraud since the outbreak,” the report said.
It also stated that cybercriminals are increasingly using disruptive malware against critical infrastructure and healthcare institutions, due to the potential for high impact and financial benefit.
In the first two weeks of April, there was a spike in ransomware attacks by multiple threat groups which had been relatively dormant for the past few months.
Law enforcement investigations show the majority of attackers estimated quite accurately the maximum amount of ransom they could demand from the targeted organisations, the report stated.
It also stated that the deployment of data harvesting malware such as Remote Access Trojan, info stealers, spyware and banking Trojans by cybercriminals is on the rise.
Using Covid-19 related information as a lure, threat actors infiltrate systems to compromise networks, steal data, divert money and build botnets.
Taking advantage of the increased demand for medical supplies and information on Covid-19, there has been a significant increase of cybercriminals registering domain names containing keywords, such as “coronavirus” or “Covid”.
These fraudulent websites underpin a wide variety of malicious activities including C2 servers, malware deployment and phishing.
From February to March 2020, a 569 per cent growth in malicious registrations, including malware and phishing and a 788 per cent growth in high-risk registrations were detected and reported to Interpol by a private sector partner.
Increasing amount of misinformation and fake news is spreading rapidly among the public, the Interpol cautioned.
Unverified information, inadequately understood threats, and conspiracy theories have contributed to anxiety in communities and in some cases, facilitated the execution of cyberattacks.
Nearly 30 per cent of countries which responded to the global cybercrime survey confirmed the circulation of false information related to Covid-19.
“Within a one-month period, one country reported 290 postings with the majority containing concealed malware,” the report stated.
There are also reports of misinformation being linked to the illegal trade of fraudulent medical commodities.
Other cases of misinformation involved scams via mobile text-messages containing ‘too good to be true’ offers such as free food, special benefits, or large discounts in supermarkets.
(The author can be reached at [email protected])
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]