Thursday, August 13, 2020

Not Just Logistics Businesses Under Threat from Cyber Crime as INTERPOL Reports

Huge Surge in Every Type of Online Offence During Lockdown
Shipping News Feature

WORLDWIDE – This month INTERPOL has released a report with regard to patterns of cyber-crime, the online cancer of the age of internet technology, and its evolution during the current pandemic. And the details should make every business, big or small, whether in logistics or otherwise, sit up and take notice.

The report, which can be downloaded here, reveals the upsurge in incidents at a time half of the world or more was in lockdown. One INTERPOL partner alone reported 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs in the four-month period from January to April 2020.

Remote working has apparently exacerbated the problem, criminals taking advantage of increased security vulnerabilities as staff work from home on insufficiently secure equipment. This latest report quantifies results from around the globe using data gathered during April and May. Private partners and INTERPOL operators were joined by the Singapore based INTERPOL Cybercrime Threat Response Unit (CTR) and Cyber Fusion Centre (CFC).

The key points of the report are as follows:

  • Online Scams and Phishing Already a scourge of many, Covid-19 has seen threat actors pick up the pace and revise the usually seen schemes to match the effects of the pandemic. These mean often impersonating Government and health authorities, cyber criminals entice victims into providing their personal data and downloading malicious content. Most respondents had observed a significant use of Covid-19 themes for this type of activity. Logistics provides rich pickings for this type of scam with fraudsters offering to ship quantities of PPE etc.
  • Disruptive Malware (Ransomware and DDoS) Cyber criminals are increasingly using disruptive malware against critical infrastructure and healthcare institutions due to the potential for high impact and financial benefit. This type of attack has the potential to potentially cripple businesses, and the degree of sophistication shows an intelligence possessed by the attackers evidenced by their ability to gauge just how much ransom they can glean from a target. Unfortunately payment does not necessarily make the problem disappear.
  • Data Harvesting Malware
  • The deployment of data harvesting malware such as remote access Trojans, info stealers, spyware and banking Trojans by cyber criminals is also on the rise. Using Covid-19 related information as a lure, threat actors infiltrate systems and attempt to compromise networks, steal data, divert money and build botnets.
  • Malicious Domains Taking advantage of the increased demand for medical supplies and information on Covid-19, there has been a significant increase in cyber criminals registering domain names containing keywords such as ‘Coronavirus’ or ‘Covid’. These fraudulent websites underpin a wide variety of malicious activities including C2 servers, malware deployment and phishing. Domain providers routinely advise INTERPOL of suspicious domain registrations and these increased during lockdown to the tune of 6 to 7 times the normal level.

Misinformation is another concern for the authorities, the ability to verify the veracity of news items and comment has be eroded by the speedy transfer of fake news between gullible members of the public or those with an agenda. The damage caused by this type of information is incalculable, not helped when senior political figures issue nonsense statements which people accept as fact (witness the witless remarks from the US and Brazilian leaders).

This type of ‘information’ has the potential to cost thousands of lives, as the search for a vaccine continues so already compromised ‘medical’ figures warn of the dangers of protecting oneself against the virus basing the views on opinion, never evidence.

The INTERPOL report details how criminals are developing and boosting attacks ‘at an alarming pace’ and reveals facts such as ‘Cybercrime-as-a-Service’ is being offered on Darknets to potential purchasers giving them an easy route into blackmail and disruption, and it foresees the problems increasing even post Covid.

What is clear is that all businesses, and indeed individuals must be particularly vigilant at this time against a series of threats which are in fact their own type of technological virus.