If the damage caused directly by the COVID-19 pandemic is already enormous, it could be even greater if the uncontrollable spread of computer viruses, commonly known as cyber attacks, is not stopped. This is the conclusion that can be drawn from the latest report by the Israeli cyber security giant Check Point Software Technologies. The report explains the emergence of criminal networks, in principle not directly associated with states, which are taking advantage of the pandemic to attack thousands of companies and organizations, affecting virtually all sectors, including governments, critical infrastructure and, of course, health.
According to the bulky dossier, "Cyber Attack: 2020 Mid-Year Report", computer attacks have increased globally from 5,000 per week in February 2020 to more than 200,000 per week at the end of April, when the pandemic had spread uncontrollably to all five continents. The trend has only grown, and the colossus in charge of this chapter in the Defense of Israel warns that it may multiply in the second half of the year.
As crime always seems to take the lead, Check Point has detected the registration of tens of thousands of domains related to the coronavirus, many of which have subsequently been used extensively to extort money from the companies or institutional bodies concerned. It is particularly noteworthy how, through many of these new domains, thousands of alleged vaccines and fake treatments against COVID-19 have been sold, in addition to the clear launching of massive campaigns to obtain private data from users, especially to access their accounts or bank details, which is commonly known as "phishing".
Two of the platforms that have successfully replaced face-to-face events on a global scale, Zoom and Microsoft Teams, have been the target of repeated attacks by cybercriminals as remote activity or multi-connection via video communication has multiplied. Obviously, these attacks have also multiplied against these same platforms in Spain, which has also suffered a violent increase in cyber-attacks on its critical infrastructure.
From the enormous data collected by Check Point, it is also clear that during the months of May and June, just as most countries began to relax the lockdown, cybercriminals stepped up their attacks by 34% globally at the end of June, compared to those suffered in March and April.
For those who are not very familiar with computer viruses, the report points out that the champion in the first half of this 2020 has been the malware known as Emotet, which has infected, with greater or lesser severity, no less than 9% of existing companies worldwide. Emotet is a highly advanced modular Trojan capable of self-propagating at high speed, and is also used as a distributor of other malicious attacks, in the manner of cluster bombs.
The threats are multiplied if we consider another trend that has become global: the cyber-attacks aimed at obtaining a ransom. There is also an evolution in this criminal modality. If until recently cybercriminals restored the infected system after receiving the price of its rescue, they have now become more sophisticated, so that they are able to exfiltrate a part of the system they are going to attack before encrypting it. The consequence is that, unless the ransom is paid, during the time of doubt or negotiation the criminals can use some of this exfiltered information to discredit or harm the company, all while at the same time the company's systems remain paralyzed, preventing it from operating regularly. This is what the Israelis call the new "double extortion".
In addition to so many other misfortunes, COVID-19 has transformed and accelerated the pattern of computer crime. There is virtually no sector of economic activity left sheltered from this modern and lucrative form of criminality. Security systems become obsolete overnight. As in so many other areas, only international cooperation that guarantees rapid and effective technological responses can contain the supposedly unstoppable advance of this new universal mafia of the 21st century.