Cyber Stories: Coronavirus Cyber-Scams



Written by


It seems that COVID-19 isn’t the only pandemic to have hit British shores in 2020. Alongside the infectious disease, there has been a host of opportunistic cybercriminals attempting to capitalise on the fears and health concerns of the general public in order to scam British businesses into giving away sensitive data.

Cybersecurity is never more important than it is in times of national crisis. The National Cyber Security Centre (NCSC) revealed in its annual report that it defended the UK from 723 cyber incidents last year, the highest number ever recorded and with around 200 of those related to coronavirus. In the previous three years since launching, the centre supported an average of 602 incidents annually (590 in 2017, 557 in 2018 and 658 in 2019).

What are the COVID-19-related cyber attacks?

In July, the British government accused Russian hackers of trying to steal secrets related to a vaccine through cyber-espionage, and officials have warned that such attacks represent an ongoing threat from states targeting vaccine research.

The NCSC stated that there had been three times as many ransomware attacks compared to the year before and that there was a growing tendency for these attacks to be more targeted and aggressive than they were before the pandemic.

Cyber threats for businesses

Businesses have come under similar attacks throughout the pandemic as the government, one of the most common being ‘phishing’ - the use of fake emails or weblinks to steal sensitive information (such as passwords and bank details) or to deploy malware.

Another method, known as ‘whaling’, takes a similar approach but targeted at more senior officials. For example, a senior executive may receive a fraudulent email from what appears to be a trusted employer requesting a transfer of funds. There has also been a development of ‘Smishing’, a phishing-style attack that is conducted through SMS.

Here are some examples of the most common forms of COVID-19 related cyber-scams for businesses:

  • Business impersonation – most commonly requests for employees to update their bank details
  • Scammers pretending to be legitimate businesses and applying for stimulus funding
  • Phishing emails, letters and SMS

Why is cyber-crime on the rise?

Overall, there are a multitude of factors that have contributed to the rise in cyber-crime. Aside from the general hysteria caused by the pandemic, the increased amount of time spent on devices due to remote work has played a key role.

Overnight, the number of UK employees working from home increased from 11% to 70%. One of the biggest risks associated with this new way of working is ‘BYOD’, or ‘bring your own device’. While companies often pay thousands of pounds to protect their systems, when an employee works from home using personal devices which may not have the same level of protection, this inevitably increases the endpoint vulnerability of that business’ IT and Cloud security. Worryingly, half of UK companies (48%) admitted that they do not have adequate cybersecurity provisions to maintain a 100% remote working model.

What has been the impact of these attacks?

New research shows that businesses have lost over £6.2 million to cyber scams over the past year - with a 31% increase in cases during the height of the pandemic (May-June).

The frequency of cyber breaches coupled with the obvious difficulties of recovering from these attacks highlights the need for businesses to create a well-defined incident response plan. This ensures they can respond quickly and effectively in the event of a breach, helping to minimise business impact and residual risk.

How could it have been prevented?

Alongside the increase in ransomware and phishing attacks associated with COVID-19, businesses must be aware of the impact remote working can have on their vulnerability to cyber-crime. They must take the appropriate steps to remediate any cybersecurity procedures that may have been bypassed during the rapid shift to remote work that we saw in the first lockdown.

Alongside the increase in ransomware and phishing attacks linked to COVID-19, businesses need to consider how the rapid shift to remote working might have increased the risk of a cyber incident. Organizations may have bypassed existing cybersecurity procedures and good practice or taken shortcuts which now need to be reviewed.

In the short-term, we recommend three areas that organisations and businesses can focus on to reduce the immediate risk of cyberattacks:

  • Secure newly implemented working practices and give your employees up-to-date guidance on what suspicious activity looks like in light of the pandemic and how they may be targeted as a consequence.
  • Rather than taking a passive role in your cybersecurity, you should be actively ensuring the continuity of critical security functions.
  • Be ready for any opportunistic cyber-threats by monitoring all activity across your network and make sure that you have prepared an incident response strategy ready to be initiated in the case of an attack.

For more information on how to ensure that your business is cyber-secure, check out our blog, and for further guidance on anything cyber-related, get in touch with one of our cybersecurity experts here.