'Alarming' rate of cyberattacks aimed at major corporations, governments and critical infrastructure amid COVID-19: Report
Interpol says that attackers have switched focus away from individuals.
As COVID-19 cases around the United States continue to rise, the International Criminal Police Organization (Interpol), says that governments are seeing an "alarming" rate of cyberattacks aimed at major corporations, governments and critical infrastructure.
A new report released by the organization says that malicious actors have switched focus from "individuals and small businesses to government agencies and the healthcare sector, where higher financial demands can be made."
“With organizations and businesses rapidly deploying remote systems and networks to support staff working from home, criminals are also taking advantage of increased security vulnerabilities to steal data, generate profits and cause disruption,” the organization's news release says.
Of global cyber-scams, 59% are coming in the form of spear phishing, which according to the technology group Trend Micro, "is a potent variant of phishing, a malicious tactic which uses emails, social media, instant messaging, and other platforms to get users to divulge personal information or perform actions that cause network compromise, data loss, or financial loss."
"By deploying COVID-19 themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content," the statement says.
The agency says some of the top COVID-19 spear phishing tactics include scammers using emails immitating national or global health experts, government orders and financial support initiatives, payment requests, vaccine offers, COVID-19 tracking apps, stock tips and COVID-19 charity donations.
Interpol says that 36% of the cyberthreats come from malware and ransomware, which is defined by the technology group Forcepoint as software that "typically consists of code developed by cyber-attackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network."
According to Interpol, the organization identified and analyzed 200,000 malicious domains affecting more than 80 member countries. Forty-eight out of the 194 member countries participated in survey, conducted in April and May of 2020, with 42% participation coming from Europe. Nearly 22% of the countries surveyed reported malicious domains with the keyword "Corona" or "COVID" as key words.
The report also said an increasing amount of misinformation has been spreading rapidly and includes "unverified information, inadequately understood threats, and conspiracy theories [that] have contributed to anxiety in communities and in some cases facilitated the execution of cyberattacks."
Interpol offers recommendations such as up-to-date information sharing between countries and an increase in public/private partnerships to combat the threat of cyberattacks.