Kaspersky: Covid-19 has created a “perfect storm” for cybercriminals

Ellen Daniel 15 July 2020 (Last Updated July 15th, 2020 08:12)

The Covid-19 pandemic has created a "perfect storm" for scammers and hackers, with smaller businesses facing a significant threat, experts from Kaspersky have warned.

Kaspersky: Covid-19 has created a “perfect storm” for cybercriminals

The Covid-19 pandemic has created a “perfect storm” for scammers and hackers, with smaller businesses facing a significant threat, experts from Kaspersky have warned.

The increased cyber threat created by the pandemic has been widely reported, with Action Fraud warning the public to “remain vigilant ” as £16.6m has been lost to online shopping fraud since lockdown was announced in June.

As a result, one in four Brits feel more vulnerable to hackers at this time, according to research by iProov.

“The nature of the attack never really changes that much”

Speaking at a recent Kaspersky webinar, Claire Hatcher, head of the fraud prevention department at Kaspersky, explains that although the nature of cyberattacks has not changed, the pandemic has given cybercriminals a new context to exploit:

“As everyone moved online, there were a lot of businesses and individuals who weren’t as used to transacting or interacting online and this gave the perfect opportunity for the fraudsters to have this new thing where there wasn’t a lot of information on, there wasn’t mass awareness about what it would mean for them, so they had this perfect situation that they could capitalise on. I’ve been in this industry for over a decade, and the nature of the attack never really changes that much, it’s always get in through phishing, download some malware, and then the human aspect afterwards of social engineering to use those credentials.

“The newness is just the context. The attack is just the same one re envisaged in the new world that we live in and it’s naturally increased a lot because people are more susceptible now.”

A new hook for criminals

For businesses, the rapid acceleration of digital transformation, and the switch to remote working for many, runs the risk of cybersecurity becoming an afterthought.

David Emm, of the Global Research and Analysis team at Kaspersky, said that the move to online has created numerous opportunities for fraudsters:

“We’ve had something of a perfect storm in a way as we’ve had on the one hand businesses and individuals forced to do everything from home. And that includes banking, shopping, socialising, it includes working in many cases for those of us lucky enough to be able to work from home, and so we have had a situation where  suddenly many of us are outside of the protective ring offered by the corporate network.

“At the same time, the criminals have been offered this hook which is persistent. Consider Valentines Day or Black Friday or the Olympics or the World Cup, they’re kind of here today, gone tomorrow topics that they can latch onto. many many small businesses and certainly individuals are not necessarily so well equipped. That’s kind of created vulnerabilities that the criminals can exploit.”

He explains that this is not only the case for phishing attempts, but also for sophisticated targeted attacks:

“I work for the Global Research Analysis Team and our focus is on sophisticated targeted attacks. Even in that sector too, they’re exploiting Covid-19 as a lure. They’re not really changing their techniques, tactics and procedures, but they are definitely cashing in on this as a way of going after particular targets using spear phishing mechanisms. So they’ve recognised how important this is as a global event and how they can exploit it.”

Digital transformation

According to VMware Carbon Black’s Global Threat Report, 91% of execs believe that working from home has led to a rise in cyberattacks, with 85% of chief information officers, chief technology officers and chief information security officers believing that workers in their organisation had not been fully equipped to work from home.

The pandemic has undoubtedly disrupted organisations from every sector, but smaller businesses, who may not be accustomed to a digital-first approach, or may lack the budget to ensure remote working is done securely, this has been particularly challenging.

Mimecast’s State of Email Security report found that 72% of respondents reported an increase in phishing on their organisations due to the global pandemic, with Mimecast reporting that impersonation fraud attempts jumped by 30% from January to April 2020.

Figures from Accenture indicate that 43% of cyberattacks are targeted at small businesses, and with many facing financial uncertainty, ensuring they are adequately equipped to ward off attacks is key.

DSI Neil Jones, Greater Manchester Police, Direction Cyber Resilience Centre for Greater Manchester believes that rapid digital transformation has meant that some businesses have “cut corners”:

“What we have seen is businesses have shifted significantly through their digital transformation. They may have been on a pathway to doing but never at the speed that they’ve had to change…the potential threat landscape that they’re exposed to has just grown rapidly overnight. The risk is when you’re doing things at pace you may have to cut corners, so not really consider investing in your cybersecurity and securing all the devices.

“Maybe people are working from home and they’re not actually using a device that the organisation owns and manages or they’re using their own home router and you’re relying on them having secured that. Businesses work in very different ways. You’ve seen restaurants that may have previously outsourced their online booking system, they weren’t doing takeaways and deliveries, but many industries have had to adapt to that way of working.”

“If you look at some of the reported fraud, it’s actually fairly static”

However, he explains that the idea that fraud has increased dramatically at this time is not entirely accurate:

“If you look at some of the reported fraud, it’s actually fairly static. There is a bit of a misnomer out there that fraud has gone through the roof in the pandemic but in terms of reported crime the numbers don’t follow that. We see about 27,000 to 30,000 reports of fraud a month generally speaking but in March and April it dropped down to about 23,000 if you look at the statistics that Action  Fraud publish on their dashboard. So it’s even fair to say that because everybody was distracted, be it individuals or businesses, during the first lockdown phase of the pandemic, we actually saw a reduction in it because everyone was trying to understand what it meant for them. But then since the 7th of June there’s been just over 2500 reports of Covid-19 related fraud, with total losses of £8.7m.”

Instead, this has varied across different types of fraud, with dating fraud increasing 35% compared with 2019, investment fraud up 30%, and courier fraud increasing by 16%. However, there has been a drop in computer software fraud and mandate fraud.

Bolstering defences

As many businesses attempt to adjust to the “new normal”, Hatcher believes that for many, ensuring a robust foundation when it comes to cybersecurity is essential:

“As you go down to the smaller organisations that probably don’t have the same money to invest in the kind of technology that can help them, going back to the basics for them and for us as individuals as well is absolutely critical. Making sure that you have in-house education, cybersecurity awareness training, being really suspicious about clicking on any links, downloading any applications, and really questioning whether they are coming from a verified source. It’s really easy to think “this looks like the government’s website, this looks like a legitimate email, but really double check that and do your own investigations and teaching those around you to do the same thing.”

Emm explains that this not only beneficial for the smaller businesses themselves, but for many different organisations at different points on the supply chain, with larger organisations benefitting from taking on a mentoring role:

“We think about organisations as being self standing bodies but they’re dependent on so many other organisations…we have seen in recent years supply chains being targeted deliberately as a way of getting into organisations. You think about Mersk for example and the hit they took after NotPetya or UPS. That is percieved as potentially being an achillies heel.

“The larger organisations can do themselves a favour by mentoring small ones because obviously the more resillient their supply chain, the more they’re doing to bolster their own defences.”


Read more: CyberSmart raises £5.5million to help protect SMBs.