Throughout the pandemic the internet has been a lifeline for many, empowering people to stay connected with loved ones, attend virtual workout sessions, continue their studies, and work remotely. However, it has also opened up new avenues for cybercriminals to stalk, isolate and control others, particularly vulnerable groups, with tailored campaigns designed to take advantage of increased online activity.
Over the past 18 months, Covid-19 themed scams, sextortion campaigns, spyware and ransomware attacks have been among the most prominent attack types targeting both businesses and consumers.
About the author
Michal Salat is Director of Threat Intelligence at Avast.
We recently published dedicated reports for both groups to provide a clearer view of the current cybersecurity landscape in the Covid-19 era. Our hope is that they are used as an educational resource to allow people to improve their understanding of the threats that exist today, and feel more in control and inspired to use the internet as a tool that can help them reach their potential.
How likely are you to encounter a cyber threat?
Our consumer PC Risk Report tracks the annual changes to the online threats faced by people across the world, and has shown that in the past year, Brits had close to a one in four (23%) chance of encountering some form of malware targeting their PCs.
The likelihood of a home user in the UK encountering any type of PC malware is 23.26%. But, British home users also have a 2.89% chance of encountering an ‘advanced’ threat, which we define as more sophisticated or never-seen-before threat, designed to bypass common protection technologies included in security software, such as signatures, heuristics, emulators, URL filtering, and email scanning.
These often come from criminal groups that focus on successful infection rates, ensuring that the malware circumvents most security solutions people have installed on their devices. APT campaigns, such as the one targeting governmental agencies in East Asia and the many ransomware attacks that made the headlines the past year, are examples of this type of threat. In most cases, these advanced threats are heavily tested to make sure they are not detected when scanned by antivirus software.
Perhaps unsurprisingly, our research found that countries experiencing conflict and unstable socio-political situations, such as the Middle East, Asia, Africa, and Eastern Europe, faced more risk in the online world. Geographical differences also play a role in the UK’s local threat map, with Londoners and those living in the North West of England more likely to encounter advanced attacks.
Some of the most prominent types of malware people may encounter
Covid-19 Related Scams – a phenomenon we have seen evolve since the start of the pandemic is the development of Covid-19 themed attacks. These attacks deliberately target people searching for associated topics such as face masks and ventilators, and we identified malvertizing campaigns that offered cures and medication for the virus. These often referenced names and included logos of legitimate organizations, such as the World Health Organization, which were used to deceive people into inadvertently downloading malware. Our mobile threat intelligence platform, apklab.io, tracked more than 3,600 malicious apps out of 15,400 apps overall, a one in four ratio, offering some sort of a Covid-19-related service.
As well as scams directly related to the virus itself, bad actors also took advantage of changing consumer behaviors brought on by the pandemic. For example, we have seen mobile users in several countries receiving SMS messages asking them to download a tracking app to follow the status of a package. This was, in fact, a link to a banking Trojan called ‘FluBot’. This scam was deliberately designed to take advantage of more people shopping online.
Sextortion – throughout the pandemic, sextortion has remained commonplace, with our Threat Labs team witnessing an uptick of these campaigns during the holiday season in December 2020. We’ve blocked over 500,000 attempts to date. These campaigns falsely claim to have accessed a person’s device and camera by taking advantage of critical vulnerabilities in video conferencing technology. The email usually mentions a “recorded sexual act”, threatening to cause “terrible reputation damage” unless a payment is made.
Ransomware – another type of malware that is often in the news. Once downloaded, usually through a malicious link or file shared surreptitiously, the software will cut off access to a device, encrypting files and demanding payment before it can be unlocked. During the pandemic, Avast saw a 20% rise in ransomware attacks between March and April 2020 compared to the two months prior, with critical infrastructure targeted across the globe as well as public sector organizations such as hospitals and schools.
The data from this year’s PC Risk Report shows that cybercriminal activity hasn’t slowed. Instead, threat actors have taken advantage of more people spending time online, adapting old tricks in an attempt to steal money, from small-scale consumer scams to targeting organizations, institutions and critical infrastructure with sophisticated ransomware attacks.
It’s clear the number of threats people face across the globe is increasing, as is the variety of threats. And as the number of connected devices continues to grow, cybercriminals will invent new ways to capitalize on rising connectivity. As society settles into a new rhythm, it will be essential in the coming months and years for cross-sector cooperation from both the public and private sector, law enforcement and education, to ensure that everyone is protected as much as possible from new threats that will appear.