Q3/2020 - INTERPOL

Anstieg von Cyberkriminalität durch COVID 19, Bericht, 6. August 2020

Am 6. August 2020 veröffentlichte Interpol die Ergebnisse einer Analyse über den Anstieg der Cyberkriminalität in den Monaten Januar – April 2020. Insgesamt seien fast eine Million COVID bezogene Spammails und 737 Angriffe mit Schadsoftware festgestellt worden und fast 50.000 Domainnamen mit einer missbräuchlichen Verwendung von Namen wie Corona, Covid und Pandemie seien registriert und für illegale Aktivitäten genutzt worden. Kriminelle Aktivitäten seien insbesondere in fünf Bereichen festgestellt worden:

  1. Online Scams and Phishing,
  2. Disruptive Malware (Ransomware and DDoS),
  3. Data Harvesting Malware,
  4. Malicious Domains und
  5. Misinformation[1]
Mehr zum Thema
  1. [1] Key findings highlighted by the INTERPOL assessment of the cybercrime landscape in relation to the COVID-19 pandemic include: “1. Online Scams and Phishing – Threat actors have revised their usual online scams and phishing schemes. By deploying COVID-19 themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content. Around two-thirds of member countries which responded to the global cybercrime survey reported a significant use of COVID-19 themes for phishing and online fraud since the outbreak. 2. Disruptive Malware (Ransomware and DDoS) – Cybercriminals are increasingly using disruptive malware against critical infrastructure and healthcare institutions, due to the potential for high impact and financial benefit. In the first two weeks of April 2020, there was a spike in ransomware attacks by multiple threat groups which had been relatively dormant for the past few months. Law enforcement investigations show the majority of attackers estimated quite accurately the maximum amount of ransom they could demand from targeted organizations. 3. Data Harvesting Malware – The deployment of data harvesting malware such as Remote Access Trojan, info stealers, spyware and banking Trojans by cybercriminals is on the rise. Using COVID-19 related information as a lure, threat actors infiltrate systems to compromise networks, steal data, divert money and build botnets. 4. Malicious Domains – Taking advantage of the increased demand for medical supplies and information on COVID-19, there has been a significant increase of cybercriminals registering domain names containing keywords, such as “coronavirus” or “COVID”. These fraudulent websites underpin a wide variety of malicious activities including C2 servers, malware deployment and phishing. From February to March 2020, a 569 per cent growth in malicious registrations, including malware and phishing and a 788 per cent growth in high-risk registrations were detected and reported to INTERPOL by a private sector partner. 5. Misinformation – An increasing amount of misinformation and fake news is spreading rapidly among the public. Unverified information, inadequately understood threats, and conspiracy theories have contributed to anxiety in communities and in some cases facilitated the execution of cyberattacks. Nearly 30 per cent of countries which responded to the global cybercrime survey confirmed the circulation of false information related to COVID-19. Within a one-month period, one country reported 290 postings with the majority containing concealed malware. There are also reports of misinformation being linked to the illegal trade of fraudulent medical commodities. Other cases of misinformation involved scams via mobile text-messages containing 'too good to be true' offers such as free food, special benefits, or large discounts in supermarkets.“ In: https://www.interpol.int/News-and-Events/News/2020/INTERPOL-report-shows-alarming-rate-of-cyberattacks-during-COVID-19