FBI: Covid-19 Cyberattacks Spike 400% in Pandemic

Online crimes reported to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) have roughly quadrupled since the coronavirus (Covid-19) pandemic, a senior cybersecurity official said in a webinar hosted by the Aspen Institute last week.

The number of cybersecurity complaints to the IC3 in the last four months has spiked from 1,000 daily before the pandemic to as many as 4,000 incidents in a day, said Tonya Ugoretz, the deputy assistant director of the FBI’s cyber wing, The Hill reported.

In particular, foreign nation-state hackers are going after organizations, such as healthcare institutions and research facilities, working on treatments for Covid-19, Ugoretz said. (via Reuters) “We certainly have seen reconnaissance activity, and some intrusions, into some of those institutions, especially those that have publicly identified themselves as working on COVID-related research,” she said. While it’s not uncommon for nation state hackers to target the biopharmaceutical industry, “it’s certainly heightened during this crisis,” the FBI official said.

Organizations researching potential drugs to treat or vaccinate Covid-19 victims are now more in the public eye, which “kind of makes them a mark for other nation-states that are interested in gleaning details about what exactly they’re doing and maybe even stealing proprietary information that those institutions have,” Ugoretz said. “Countries have a very high interest…” in information on a vaccine.”

A number of examples have surfaced in the last two months. In March, ransomware hackers hit 10x Genomics, a Pleasanton, California-based biotechnology research outfit working to understand the human body’s immune response to speed development of a Covid-19 vaccine. And, in a rare alert, Microsoft told “several dozen hospitals” to immediately patch weaknesses in their VPN installations after finding evidence that a ransomware crew was probing for spots to exploit.

The World Health Organization (WHO) and the U.S. Health and Human Services Department (HHS) have also not been spared by hackers. Iran-backed nation-state phishers were said to be involved in an attempted hijack of the personal email accounts of a number of WHO staffers. It marked the second WHO-related cyber attack in recent weeks. A hacking crew, perhaps the notorious DarkHotel, has repeatedly tried to break in the WHO network.

In mid-March, HHS hackers used bogus text messages to misinform people of an impending national quarantine owing to Covid-19. That cyber attack is believed to have been launched by a hostile foreign actor.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.