A team of researchers has issued a warning that while lockdown measures are assisting to hamper the spread of COVID-19, they are also fuelling a rise in cybercriminal activities, according to a new report for the police.

Extra care is also advised by the team for those purchasing antibody testing kits or Personal Protective Equipment (PPE) like face masks online, or answering texts that appear to be sent from the NHS or UK government.

Analysing cybercriminal activity patterns

The team includes researchers from several Scottish universities and the Cambridge Cybercrime Centre, an integral part of Cambridge University’s Department of Computer Science and Technology. Together they have been working to analyse data gathered from underground chat channels, forums and marketplaces frequented by cybercriminal communities. The results of their analysis have been published in a paper for Police Scotland and indicate the new social changes adopted during the recent crisis are fuelling a spike in cybercrime’s economy.

The tactics employed by the threat actors have evolved in step with the outbreak. In the first weeks of the lockdown, scams involving bogus texts impersonating the HMRC informed recipients they would be fined a sum of £250 if they left their properties more than one time per day. Now that the NHS is rolling out an app for contact tracing, the researchers have raised concerns the initiative could potentially create greater risks for people and companies who may be vulnerable to fraudulent activity.

Ben Collier of the Cambridge Cybercrime Centre commented that not all attack strategies being used are new:

“We’re also seeing some general repurposing of existing cybercrime. For example, there have long been fake online shops, but now instead of selling clothes, they are selling face masks or bogus ‘cures’ for the coronavirus.”

A review to answer the rising number of attacks

Overall cybercrime levels have seen a general rise. The Cambridge-based cybercrime centre has recorded a massive increase in attacks known as “denial of service”. This form of attack can be bought for a small sum of money through special online services to knock people offline and is often used by online gamers. Since lockdown this low-level cybercrime has seen a rise from just 12,000 attacks a day to almost 30,000 per day. The attacks however are not just impacting the gamers but those they share a connection with such as their parents who may be working remotely from home.

The paper provided by the team aims to offer guidance to Police Scotland on policing cybercrime, but its findings are relevant to the whole UK. The researchers state that although the country has a sophisticated level of cyber security measures in place, especially on a national level it presently lacks the sufficient capacity at a local level to police the increased volume of cybercrime offences occurring. It advises that police forces across the country should now undertake a review with a wider-ranging perspective of all policies in place for cybercrime prevention to fully assess their adequacy for the future.