Government announcements leveraged by scammers and cyber criminals during the pandemic, study reveals

The study conducted by researchers from universities across the UK has drawn attention to the links between government policy announcements, notifying the public of essential services or safety announcements, were seized upon by scammers and cyber criminals.

The study saw Dr Xavier Bellekens from the University of Strathclyde and Dr Lyndsay Shepherd of Abertay University join researchers from the University of Oxford, University of Warwick and University of Kent to look at the pandemic’s impact on cyber crime.

The paper, taking the UK as a case study, found a connection between government policy announcements during the crisis and cyber crime campaigns or attacks – identifying that on some days during the pandemic, three to four unique cyber crime campaigns have been reported per day.

With consumers spending increased amounts of time online, and spending months of lockdown dealing with economic hardship, reduced health services and increrased socialising with friends and family online, many have fallen victim to highly developed and adept cyber crime campaigns or scams.

Scams have been sent by text or email, directing users to open links to URLs which can often lead them to websites impersonating interfaces of online banking or government services.

This process, known as phishing, was identified as the most common tactic used in 43 cyber attacks located on a timeline by researchers – with phishing and/or smishing used in 86% of these attacks.

After the first case of Covid-19 was identified in China on December 5 2019, researchers identified the first reported cyber attack to take place two weeks later. Yet as the pandemic took hold in the weeks and months following, the time gap between announcements and attacks narrowed considerably.

In the UK, the study demonstrates this to be clear with events such as the UK’s official lockdown announcement on March 23 2020, and the ‘lockdown contravention fine’ campaign reported just two days later. The same similarly short time delay was seen with the announcement of the job retention scheme on April 17, which was followed by a phishing campaign two days later.

Dr Xavier Bellekens from the University of Strathclyde, said: “Over the last year we have seen a surge in cyber-attacks targeting critical infrastructures, governments, organisations and end-users, influenced by governmental announcements.

"These have ranged from targeted attacks to selling counterfeited respirators to hospitals, denying of essential services through ransomware, selling fake online Covid-19 testing equipment as well as more recently, generating fake Covid travel tests.

“These techniques, while common, had never been observed in relation to an event of this magnitude, making this study unique.”

Dr Lynsay Shepherd of Abertay’s Division of Cybersecurity said: “Cybercrime is a highly sophisticated and organised activity and it did not come as a surprise to anyone in the cybersecurity industry that these individuals and groups used the Covid-19 pandemic as a vehicle to launch attacks.

“It is unlikely there will ever be a time when we can eradicate cybercrime. Therefore we must continue to educate everyone from as early a stage as possible, train our graduates to understand the mindset of cybercriminals as we do at Abertay, and to continue to invest in research, development, innovation and infrastructure.”

A message from the Editor:

Thank you for reading this article. If you haven't already, please consider supporting our trusted, fact-checked journalism by taking out a digital subscription.