Impact of first 100-days of Covid-19, includes volume of attacks up 33%

News by Andrew McCorkell

Severe spike in cyber scams amid coronavirus pandemic, volume of all categories of cyber-attacks has increased by 33 percent, 118.7 million in March alone.

The monthly volume of all categories of cyber-attacks has increased  by 33 percent between January and the end of March 2020 as a result of the Covid-19 pandemeic with a total of 118.7 million in March alone according to a Mimecast report which found:

• Spam/opportunistic detections increased by 26.3 percent

• Impersonation detections increased by 30.3 percent

• Malware detections increased by 35.16 percent

• Blocking of URL clicks increased by 55.8 percent

In its report 100 Days of Coronavirus (Covid-19), researchers also found that cybercriminals were tailoring scams to match to the big news stories of any given day.

It’s a well-rehearsed trick from criminals looking to improve their chances of convincing the public to click on an infected link or open a dangerous file.

There have even examples of a phishing campaign linked to the UK’s furlough scheme which Mimecast identified on the day the scheme opened, and an NHS-themed campaign that was linked to news about the coronavirus-tracing application.

The Mimecast Global Cyber Threat Intelligence report analysed key trends and shows how cybercriminals acted on a week-by-week basis during the crisis, including types of attack and growth in detections.

Carl Wearn, head of e-crime at Mimecast said there have been significant increases to the volume of all threats, particularly those already high in volume such as spam and impersonation.

Much of the increase can be attributed to the increased opportunities coming through the changes to working practices and a blurring of home and work life responsibilities.

“With employees isolating at home with a potential lack of robust verification processes, threat actors are finding ample opportunity to exploit the current lockdown measures that are in place across multiple countries,” Wearn said.

“We’re also seeing more traditional crime being carried out online, adding to the additional volume. This wider trend has been taking place over the last decade or so but has been further amplified by the present circumstances.”

The Mimecast data shows that the retail and manufacturing sector have consistently been the most targeted sectors since the outbreak of the pandemic.

“Much of this can be put down to the fact that these industries are still operating at full capacity and even taking on extra staff in order to help manage the outbreak,” Wearn added.

“These sectors are crucial to every nations’ subsequent recovery and cybercriminals are well-aware of this fact and adjusting their attack methods accordingly.

“It’s evident that cybercriminals will not miss this opportunity to pursue their agenda at the expense of companies and unsuspecting victims. That is why it is important that businesses remain vigilant when communicating with third parties and suppliers as there may well be an increase in the range of businesses folding in the coming months, and criminals may seek to exploit a company’s previous clients or customers.”

“It is therefore all the more important that organisations train and regularly refresh their employees in cyber-hygiene, and equip them with an awareness of the current threats, which are extensive at this time.”

The report found a “clear a step change in threat actor activity” coinciding with the WHO-China Joint Mission and the US stock market crash.

There have been significant increases in the numberof all threats, particularly those already high in volume such as spam and impersonation.

And cybercriminals have looked to take advantage of the unique circumstances of the pandemic and lockdowns as well as the associated “fear and uncertainty.”

The situation lends itself to increased incidents of human error due to stress and the difficulties of working in an environment, restricted work space or extra care for vulnerable co-residents or children where schools have been closed.

“Threat actors will always seek opportunities for exploiting chaos, confusion, and uncertainty to their advantage,” the report said.

“Through utilising deception, feigns, and guile they seek to deliver malicious effects.”

It also concluded that there was a realistic probability of “significant disruption continuing for many months”, through successive waves of the virus and further lockdowns.

Jake Moore, cybersecurity specialist at ESET commented in an email to SC Media UK: “This increase has not come out of the blue, as cybercriminals have a long history of jumping on pandemics around the world. In fact, this sort of spike was largely predicted by many cyber professionals, but the usual problem is making those organisations who are at risk aware of the threats, and taking real and positive action.”

Moore said that cyber security and awareness is “very often an afterthought”, so the current situation could act as a turning point and deliver that message home to those at risk of attack.

He added: “Naturally, businesses need to remain more vigilant than ever, but it’s not as simple as that as many attacks still fall through the net.

“A new approach to cyber risks and even a shift in culture is required before we see a downward spike and turn round the war on cybercriminals.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews