Europol: Coronavirus Crisis Spurs Rise In Ransomware, DDoS Attacks

Cyber-criminals increasingly targeting organsiations’ computing and online infrastructure for extortion attempts as huge numbers of staff work remotely

The coronavirus crisis has created a window of opportunity for cyber-attackers targeting organisations and critical services via ransomware and denial-of-service attacks, according to Europol.

Information from EU member states and Europol partner countries indicates some criminals using ransomware may have “intensified their activities”, Europol said.

They are also “actively recruiting collaborators” to maximise the impact of their schemes.

Europol found that the period between an initial ransomware infection and the activation of the ransomware has grown shorter since the beginning of the Covid-19 pandemic.

coronavirus Image credit: World Health Organisation
Image credit: World Health Organisation

‘The worst in humanity’

“Criminals do not wait for the ideal moment to launch the attack but try as soon as possible,” the agency said in a new report.

“This pandemic brings out the best but unfortunately also the worst in humanity,” said Europol executive director Catherine De Bolle.

She said criminals are taking advantage of the “surreal situation”, which sees a huge number of people working from home, often protected by outdated cyber-security systems.

The phishing and ransomware campaigns launched to exploit the crisis are “expected to continue to increase in scope and scale”, the study said.

Criminals have exploited existing ransomware during the crisis, but new ransomware families have also continued to appear.

Meanwhile, distributed denial-of-service (DDoS) attacks have registered a “slight increase” in recent weeks.

But Europol said it expects these attacks to grow further, in part because they represent an “accessible type of crime with limited barriers to entry”.

Disruption

Both types of attack involve the disruption of computing infrastructure, which has become ever more critical with so many people working remotely – making organisations more susceptible to extortion attempts.

“The pandemic may multiply the damaging impact of a successful attack against certain institutions, which reinforces the necessity for effective cyber resilience,” Europol said.

The agency warned that Dark Web marketplaces and digital communications channels are likely to be “increasingly used” to facilitate the distribution of illicit goods.

Europol also noted a rise in the spread of disinformation during the crisis as well as hybrid attacks involving cyberattacks and disinformation, disruption of critical services, undermining of public trust in governmental institutions and exploiting social vulnerabilities.

Those hoping to benefit from disinformation range from criminals looking for financial gains from digital advertisements, through to state actors looking to augment instability, Europol said.

It said users’ receptiveness to disinformation arises, paradoxically, from the oversaturation of available information along with a “perceived lack of trustworthy sources of news”.

European Union cybersecurity agency ENISA recently issued advice for employees on how to protect themselves from cyberattacks when working remotely.