Since the initial lockdown, we have seen the rise of certain types of cybercrime, including scams and fraud campaigns that either bank on the global COVID-19 pandemic or take advantage of potential victims that adhere to work-from-home measures.
In the UK, the National Crime Agency (NCA) has determined that many types of cybercrime, such as ransomware attacks, digital fraud, and insider threats—with a specific mention of child sexual abuse—have increased because of more users in the UK logging online to do work, attend online classes, and (at the first few months of lockdown) alleviate boredom.
The agency also noted the resilience and adaptability of serious and organized crimes (oddly labeled as "SOCs," despite the same acronym meaning "security operation center" in the cybersecurity field) in their use of technology and well-established tools to avoid detection. For example, budding and professional criminals are using commercially available encryption, Secure Messaging Applications (SMAs), and decentralized messaging apps, which usually comes with a crypto wallet, to manage their own data and mask their identities and communications. They also use cryptoassets to buy and sell illegal commodities in the underground or to launder money. Because of this, the NCA has assessed that by disrupting the technology, including the capabilities that enable them, they can end criminal schemes in an efficient manner.
SOCs are categorized as “significant and established national security threat that endangers the integrity, legitimacy, and sovereignty of the UK and its institutions, both at home and overseas.” It is no surprise to see SOCs being conducted over the internet by crime groups. And the NCA has been monitoring them year on year.
Organized crime: Ransomware-as-a-service (RaaS)
The growing threat of ransomware continues to loom over organizations across industries worldwide. In the UK, the estimated direct and indirect cost of ransomware is, at most, billions of pounds per year. However, determining the exact figure has always been a challenge seeing that underreporting and inaccurate cost estimates were and have been pretty much a problem in 2020. Underreporting is primarily caused by lack of awareness of who to report an attack to and, in some cases, the general reluctance to report for fear of reputational damage and/or uncertainty.
The NCA has observed a dramatic increase in demand for Remote Desktop Protocol (RDP) credentials. This is because of the increased use of such software following remote working. Criminals gaining these credentials could no doubt also access corporate networks.
Lastly, cybercriminals use current events in their spam and phishing emails—another way to get into corporate networks. They have themed their campaigns around COVID-19 and the end of the financial year for the business.
Organized crime: Online fraud
COVID-19 themes are also common in fraud campaigns. According to Action Fraud, the UK’s go-to reporting center for fraud and cybercrime, between January to December 2020, victims lost an estimated total of 3 billion GBP to fraudsters.
The increased reliance on online services has encouraged fraudsters to target and take advantage of the more vulnerable and less security-savvy UK citizens, giving rise to shopping fraud, auction fraud, and, of course, sophisticated phishing campaigns. If criminals couldn’t find a way to their potential victims, online advertising has served as the perfect means for their victims to come to them. Fraudsters have been observed to use social media and online service platforms to post up fraudulent ads.
The NCA cited other fraud campaigns, such as romance scams and misinformation campaigns surrounding Brexit, the UK’s departure from the European Union.
What’s the difference between ‘catfishing’ and ‘catfishing’? Find out here.
Organized crime: Insider threats
In the financial sector, working from home shined a light on the problem of reduced ability to monitor staff, thus missing signs of unusual behaviour and other signs that give away employee struggles. This opens the possibility of an insider threat, a threat that businesses hardly mention, let alone prepare for.
Disgruntled employees and those struggling financially could more likely be tempted to engage in bribery and corruption when opportunity presents itself. Incidents involving these would be difficult to trace or pinpoint as they are usually presented as genuine payments for goods with increased market rates. There is also a realistic possibility that such engagements will only increase as businesses in the UK begin recovery measures from the impact of the pandemic and Brexit.
Future cybercrimes in the UK and beyond
Whether or not these online organized crimes will continue to be noteworthy in the next year is yet to be seen. However, notice that these online crimes have already been present, pre-pandemic and pre-Brexit. More often than not, when everyone starts living in “the new normal,” it’s highly likely that the possible turnout will all just be differences in numbers: Ransomware, for example, may or may not have higher victim rates after a year. Or, perhaps, romance scams will dramatically scale down to nonexistence. Perhaps.
However cybercrime will look like in the future, what remains constant is the continued vigilance of groups like the NCA and businesses in the public and private sectors on effectively educating and training UK employees on cybercrimes that affect them and how they should respond. As a business, they should know what steps to take to further improve their security posture and who to contact in the event of a cybercrime incident they may encounter. Lastly, much stress should also be placed in reporting to spread awareness, help other organizations avoid being victimized, and for law enforcement to keep track of cybercriminals.