Criminals Have Ramped Up Covid-19 Related Attacks

Uploaded on 2020-11-09 in TECHNOLOGY--Hackers, FREE TO VIEW

A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK are reporting. Over 25% of the cyber attacks that the UK's National Cyber Security Centre (NCSC) responded to were Covid-related, it says in its most recent annual report.  

The Report covers the period from September 2019 to August 2020, so the pandemic occupied an even higher proportion of the agency's efforts after the first lockdown began. In total there were 723 incidents of all kinds, marking close to a 10% rise on the previous period. Of those, 194 were Covid-related.

Some of the incidents related to countering nation-state attacks, but most were criminal in nature. The NCSC says that it countered 15,354 campaigns that had used coronavirus themes as a "lure" to fool people into clicking on a link or opening an attachment containing malicious software. Some involved fake shops selling PPE (personal protective equipment), test kits and even vaccines.

Vaccine Hackers: Protecting the NHS and health-related research has been a priority, the report said. In July, the UK accused Russia of trying to steal vaccine-related information through cyber-espionage. And officials said they had continued to see an "ongoing threat" of states targeting the vaccine research-and-delivery programme. The NCSC said it had scanned more than one million NHS IP (internet protocol) addresses to look for vulnerabilities, and had shared 51,000 indicators of compromise. 

It has also carried out "threat hunting" to look for security risks on connected devices, and worked on the security of the NHS Covid-19 contact-tracing app.

Ransomware Attacks: The NCSC also warned ransomware attacks had become more common.
Ransomware locks people out of their computers and demands victims make a blackmail payment to restore access - and even then it is not always granted. The NCSC said it had handled more than three times as many ransomware incidents as in the previous year. These included an attack against Redcar and Cleveland Council which, the officials said, had "caused considerable damage and disruption". 

The report added the NCSC had observed a growing trend for such attacks to be more targeted and aggressive than previously.

Rather than just locking people out of access to their data until a ransom was paid, attackers often warned they would embarrass victims if they refused to comply.

Jeremy Fleming, the Director General of NCSC's parent, the GCHQ spy agency, said that NCSC' expertise had been “invaluable” in countering high levels of malicious state and criminal activity, and protecting against those who had tried to exploit the pandemic.

NCSC:       GovUK:     CISO Mag:     BBC:      Interpol:

You Might Also Read:

Securing The Remote Workforce Is A Top Priority:

 

« Cyber Warfare Is The New Frontier
Taiwan Company Guilty Of Semiconductor IP Theft »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

InfoSec People

InfoSec People

InfoSec People is a boutique cyber and technology recruitment consultancy, built by genuine experts.

Tufin

Tufin

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment.

Centre for the Protection of National Infrastructure (CPNI)

Centre for the Protection of National Infrastructure (CPNI)

CPNI works with the National Cyber Security Centre (NCSC), Cabinet Office and lead Government departments and agencies to drive forward the UK's cyber security programme to counter cyber threats.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

Tech-Recycle

Tech-Recycle

Tech-Recycle was formed to help companies and individuals securely, ethically and easily recycle their IT and office equipment. We destroy all data passed to us safely and securely.

Early Birds

Early Birds

Early Birds is a Business to Business (B2B) marketplace for Innovators (Startups/Scaleups) and Early Adopters to exchange value early on.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

Path Forward IT

Path Forward IT

Path Forward IT has been troubleshooting, architecting, migrating, protecting, and securing IT environments for businesses across the USA since 2002.

Endure Secure

Endure Secure

Endure Secure is a managed cyber security & information security consultancy. Our passion for IS and our understanding of the threat landscape is reflected in the services that we provide.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

ASRC Federal

ASRC Federal

ASRC Federal’s mission is to help federal civilian, intelligence and defense agencies achieve successful outcomes and elevate their mission performance.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.

Technoware Solutions

Technoware Solutions

Technoware Solutions is a global company committed to helping entities navigate the digital waters of modernizing their system processes in an ever changing cybersecurity landscape.

itm8

itm8

itm8 is a Nordic digital transformation partner offering a wide range of services in IT operations and Cloud Services, Digital Transformation, Application Services, ERP, and Cyber Security.

Mode

Mode

Mode is an out-of-band communication and crisis collaboration platform. One platform to manage your cyber crisis response. Stay connected when it's needed most.