The increase in covid-19-related cybercriminality amid the crisis

Social distancing, and later mandatory confinement, made businesses and individuals turn to the Internet for several reasons: remote work, online shopping or simply entertainment and keeping in touch with family and friends.

Increased online activities is an opportunity that cybercriminal did not miss. On March 27th, Europol issued a report highlighting the fact that the current rise of cybercriminality is related to the virus. The report lists several examples of current trends that are directly linked to the use of the Internet during this period.

Firstly, one of the most common risk is downloading malwares form websites, trustworthy or not, of information about the disease or its evolution. While most of those malwares are set to steal data, some can also be ransomwares that are going to lock the user mobile or computer until a ransom is paid. For example, the recent app , Covid-19 Tracker, that claims to allow to follow the updates of the infection, was actually installing a ransomware that stole or completely erased the phone’s data.

Hackers also use the interest of people for information by creating fake websites or through phishing campaigns about the virus. Researchers from the cybersecurity company, Barraccua, noted a rise of 667% of attack targeting mails between the end of February and March 23th. The governmental website Cybermalveillance.gouv reminds everyone of always checking websites reliability, to never download files from unknown senders and finally, alert about the false charity campaigns, like there used to be after the Notre-Dame of Paris fire.

Secondly, cyber attacks meant to slow down or stop institutions activities have also emerged with attack against hospitals, national and international institutions and labs. In France, a ransomware was sent against a hospital in Rouen of February 28th and a DDOS attack against Paris hospitals on Mars 22nd. In the United-States, the Health Department avoid a cyberattack on Mars 17th while the number of Covid-19 cases was rapidly rising. On March the 14th, a cyber attack struck a hospital and Covid-19 tests lab in the Czech Republic.

Thirdly, because the use of online ways of conversing whether for professional (like telecommuting) or personal reasons is increasing, cybercriminals took this opportunity to take advantage of vulnerabilities to have access to data. Furthermore, unless companies were already equipped for telecommuting, people who work from home usually have to use they own devices and wi-fi, probably less secured than at their office, thus weakening the company security and important data. Cybermalveillance.gouv reminds everyone the basic security measures and alerts about the risk of fake orders scams and
fraudulent bank transfer changes. The benevolant group  » Covid 19 Threat Coalition » created to fight the pandemic-related cybercriminaly listed about 14 thousands malicious URL and about 13 thousands malicious domain names.

Lastly, the last important risk is related to online shopping. Besides the increase in data theft linked to the rise in online shopping, Europol and the government highlights the rise of covid-19- related scams like fake or defective medical supplies ( gloves, masks, hydro-alcoholic gel …), fake medicine scams, or magical crystals, essentials oils or fake vaccines that claim to be efficient against the virus. In France, French Police also warned people against paid travel certificate scams.

Arielle Chemla
M2 Cyberjustice- Promotion 2019-2020

Sources :

https://www.economie.gouv.fr/dgccrf/arnaques-liees-au-coronavirus

https://www.cybermalveillance.gouv.fr/tous-nos-contenus/actualites/coronavirus-covid-19-vigilance-cybersecurite

https://www.coe.int/fr/web/cybercrime/-/cybercrime-and-covid-19

Laisser un commentaire