The EU-funded CyberEast project has issued a warning about cyber threats during the COVID-19 pandemic.
At a time when we all rely more than ever on computer systems, mobile devices and the Internet to work, communicate, shop, share and receive information and otherwise mitigate the impact of social distancing, there is evidence that malicious actors are exploiting these vulnerabilities to their own advantage.
- Phishing campaigns and malware distribution through seemingly genuine websites or documents providing information or advice on COVID-19 are used to infect computers and extract user credentials.
- Ransomware shutting down medical, scientific or other health-related facilities where individuals are tested for COVID-19 or where vaccines are being developed in order to extort ransom.
- Attacks against critical infrastructures or international organisations, such as World Health Organization.
- Ransomware targeting the mobile phones of individuals using apps that claim to provide genuine information on COVID-19 in order to extract payments.
- Offenders obtaining access to the systems of companies or other organisations by targeting employees who are teleworking.
- Fraud schemes where people are tricked into purchasing goods such as masks, hand sanitizers, but also fake medicines claiming to prevent or cure SARS-CoV-2.
- Misinformation or fake news are spread by trolls and fake media accounts to create panic, social instability and distrust in governments or in measures taken by their health authorities
The press release urged everyone to be extra-cautious and reinforce security measures, pointing to the information provided by Europol, including guidelines on how to make your home a cyber safe stronghold (information available in several languages) and the safe teleworking tips and advice, as well as the tips on cybersecurity when working from home shared by ENISA. The COVID-19 Pandemic – Guidelines for Law Enforcement, issued by INTERPOL will be useful for criminal justice practitioners.
“Criminal justice authorities need to engage in full cooperation to detect, investigate, attribute and prosecute the above offences and bring to justice those that exploit the COVID-19 pandemic for their own criminal purposes,” said the Council of Europe (CoE), which implements the CyberEast project.
With the Budapest Convention a framework for effective cooperation with the necessary rule of law safeguards is available to 65 States. As a result of capacity building programmes, many states should now be able to act.
It is also clear that additional solutions are required to address future crises, the CoE said. Capacity building for criminal justice authorities must be further enhanced. And the 2nd Additional Protocol to the Budapest Convention that is currently under negotiations will be crucial to permit instant cooperation in urgent and emergency situations.
“The Council of Europe – like many other organisations – has decided to apply extraordinary measures to limit the spread of the virus and reduce risks to staff and experts. Activities on cybercrime involving physical meetings or international travel as well have been postponed. However, we cannot afford to have our efforts on cybercrime come to a standstill. The staff of the Secretariat of the Cybercrime Convention Committee in Strasbourg and of the Cybercrime Programme Office (C-PROC) in Bucharest continue to work remotely and through video-conferencing to support partners and to advance in our common efforts against cybercrime.”
The CyberEast project, which falls under the EU4Digital initiative, aims at adopting legislative and policy frameworks compliant to the Budapest Convention on Cybercrime and related instruments, reinforcing the capacities of judicial and law enforcement authorities and interagency cooperation, and increasing efficient international cooperation and trust on criminal justice, cybercrime and electronic evidence, including between service providers and law enforcement.