FBI says cybercrime reports quadrupled during COVID-19 pandemic
An FBI official said this week that the bureau has seen a spike in cybercrime reports since the onset of the coronavirus (COVID-19) pandemic.
Speaking in an online panel hosted by the Aspen Institute, FBI Deputy Assistant Director Tonya Ugoretz said the number of reports has quadrupled compared to months before the pandemic.
"The FBI has an Internet Crime Complaint Center, the IC3, which is our main ingest point. Sadly the IC3 has been incredibly busy over the past few months," Ugoretz said.
"Whereas they might typically receive 1,000 complaints a day through their internet portal, they're now receiving something like 3,000 - 4,000 complaints a day not all of those are COVID-related, but a good number of those are.
"There was this brief shining moment when we hoped that, you know, 'gosh cyber criminals are human beings too,' and maybe they would think that targeting or taking advantage of this pandemic for personal profit might be beyond the pale. Sadly that has not been the case," Ugoretz said.
"They really run the gamut. Everything from setting up fraudulent internet domains [...], we've seen people set up fraudulent COVID charities, promise delivery of masks and other equipment, and then deliver fraudulent loans, extortion, etc.. So pretty much, sadly, anything you can think of. Cyber-criminals are quite creative," the FBI official said
Foreign hackers have targeted US-based COVID-19 research
But in addition to regular cybercrime reports, Ugoretz said the bureau is also aware of attacks carried out by foreign countries, targeting the national healthcare sector and the US' COVID-19 research capabilities.
"On the nation-state side, as you can imagine, countries have a very high desire for information [...][on] how other countries are responding but also about things like research on vaccines, what's happening in the US healthcare sector, and our research institutes," Ugoretz said.
"We have certainly seen reconnaissance activity and some intrusions into some of those institutions [...] especially those that have publicly identified themselves as working on COVID-related research," the FBI Deputy Assistant Director said.
Ugoretz did not specify where the "intrusions" took place.
Two weeks ago, on April 4, the US National Counterintelligence and Security Center had issued a warning on Twitter, on the exact same topic.
Threat actors may exploit #COVID19 to steal the intellectual property of medical research organizations or sensitive data related to America’s response to the pandemic. For more information on how to protect your organization, see: https://t.co/euY19rN7M3 pic.twitter.com/PvRYCO5C61
— NCSC (@NCSCgov) April 4, 2020
The agency re-issued its warning after Ugoretz's statement this week, warning healthcare entities to bolster supply chains, in particular.
"With supply chains in turmoil during COVID-19, many organizations are turning to alternate vendors and suppliers. Some vendors may be insecure or compromised by threat actors seeking to access your data. Adversaries increasingly use third-party suppliers as attack vectors," the NCSC said on Friday.