Criminals Have Ramped Up Covid-19 Related Attacks

A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK are reporting. Over 25% of the cyber attacks that the UK's National Cyber Security Centre (NCSC) responded to were Covid-related, it says in its most recent annual report.  

The Report covers the period from September 2019 to August 2020, so the pandemic occupied an even higher proportion of the agency's efforts after the first lockdown began. In total there were 723 incidents of all kinds, marking close to a 10% rise on the previous period. Of those, 194 were Covid-related.

Some of the incidents related to countering nation-state attacks, but most were criminal in nature. The NCSC says that it countered 15,354 campaigns that had used coronavirus themes as a "lure" to fool people into clicking on a link or opening an attachment containing malicious software. Some involved fake shops selling PPE (personal protective equipment), test kits and even vaccines.

Vaccine Hackers: Protecting the NHS and health-related research has been a priority, the report said. In July, the UK accused Russia of trying to steal vaccine-related information through cyber-espionage. And officials said they had continued to see an "ongoing threat" of states targeting the vaccine research-and-delivery programme. The NCSC said it had scanned more than one million NHS IP (internet protocol) addresses to look for vulnerabilities, and had shared 51,000 indicators of compromise. 

It has also carried out "threat hunting" to look for security risks on connected devices, and worked on the security of the NHS Covid-19 contact-tracing app.

Ransomware Attacks: The NCSC also warned ransomware attacks had become more common.
Ransomware locks people out of their computers and demands victims make a blackmail payment to restore access - and even then it is not always granted. The NCSC said it had handled more than three times as many ransomware incidents as in the previous year. These included an attack against Redcar and Cleveland Council which, the officials said, had "caused considerable damage and disruption". 

The report added the NCSC had observed a growing trend for such attacks to be more targeted and aggressive than previously.

Rather than just locking people out of access to their data until a ransom was paid, attackers often warned they would embarrass victims if they refused to comply.

Jeremy Fleming, the Director General of NCSC's parent, the GCHQ spy agency, said that NCSC' expertise had been “invaluable” in countering high levels of malicious state and criminal activity, and protecting against those who had tried to exploit the pandemic.

NCSC:       GovUK:     CISO Mag:     BBC:      Interpol:

You Might Also Read:

Securing The Remote Workforce Is A Top Priority:

 

« Cyber Warfare Is The New Frontier
Taiwan Company Guilty Of Semiconductor IP Theft »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

Digital Management (DMI)

Digital Management (DMI)

DMI is a provider of mobile enterprise, business intelligence and cybersecurity services.

Cycode

Cycode

Cycode is the industry’s first source code control, detection, and response platform.

ThreatSwitch

ThreatSwitch

ThreatSwitch a software platform for cleared federal contractors to get and stay compliant with NISPOM and Conforming Change 2.

European Healthcare Fraud & Corruption Network (EHFCN)

European Healthcare Fraud & Corruption Network (EHFCN)

EHFCN is the only organisation dedicated to combating fraud, corruption and waste in the healthcare sector across Europe.

Findcourses.co.uk

Findcourses.co.uk

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

Right-Hand Cybersecurity

Right-Hand Cybersecurity

Right-Hand Cybersecurity empowers businesses to monitor, measure and mitigate employee induced cyber risks in real-time.

CyGlass

CyGlass

CyGlass simply and effectively identifies, detects, and responds to threats to your network without requiring any additional hardware, software, or people.

BlackDice Cyber

BlackDice Cyber

Threat Intelligence is only part of the solution. Our solution matches threats to vulnerabilities and automatically takes remedial action against compromised apps, devices and websites.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

Check Point Software Technologies

Check Point Software Technologies

Check Point Software Technologies is a leading provider of cyber security solutions to governments and corporate enterprises globally.

Quod Orbis

Quod Orbis

Quod Orbis are a fast-growing, innovative company providing market-leading expertise in cyber security and Continuous Controls Monitoring (CCM).

Cynch Security

Cynch Security

Cynch Security are passionate about building a world where every business is resilient to cybersecurity risks, no matter what their size.

EGUARDIAN

EGUARDIAN

EGUARDIAN serves as a Value-Added Distributor and technology enabler in the APAC region with the aim of further expanding globally and cater to the needs of the demands with the emerging technology.

GAM Tech

GAM Tech

GAM Tech is a Managed IT Service Provider that serves small and medium sized businesses in Alberta, British Columbia, Ontario and Quebec.