Cybercriminals playing on heightened sense of fear during pandemic, report warns
Cybercriminals are adding a coronavirus “flavour” to their attacks as they try to take advantage of the “heightened sense of fear”, according to a report.
The Scottish Institute for Policing Research paper shows there is a lack of “sufficient capability” to tackle online offences at a local level if there was a significant increase in attempts.
It recommends Police Scotland should review its cybercrime policing and prevention practices.
Dr Lynsay Shepherd, one of the authors and lecturer in cybersecurity at Abertay University, said: “The project involved examining the cyber-attacks which are linked to Covid-19.
“There’s been a number of phishing and smishing attempts which make reference to the virus and this points to initial indications of a large and sustained increase in online crime.
“Criminals are launching these attacks, preying on the heightened sense of fear exhibited by the general public at this time.
“As a result of the work, we believe that Police Scotland is well placed to tackle cybercrime and can build on its knowledge of local communities, whilst maintaining links with centralised law enforcement agencies and security services.
“We also recommend that territorial police forces, including Police Scotland, review their cybercrime policing and prevention practices in the event of a significant rise in cybercrime in the near future.”
The paper says there is evidence that criminals have adapted the language of their attacks very rapidly in response to government initiatives.
An example referred to was when the UK Department for Education published guidance in March about the provision of free school meals, which was then followed by reports of phishing scams in relation to this.
The research claims conventional forms of cybercrime are taking advantage of the context of heightened fear and greater public demand for knowledge and security.
It says criminals are adapting existing cybercrime attack vectors with a “Covid flavour”.
The paper, which states it was written for a “Scottish audience”, makes a number of recommendations.
Among them is the force north of the border has an opportunity of using its “brand, legitimacy and deep connections” with communities to lead a distinctively Scottish response.
It says Police Scotland’s local links can be used to improve engagement in circumstances where cybersecurity messages have limited uptake, such as with those living in deprived areas.
Assistant chief constable Angela McLaren said: “There is no doubt criminals will use any opportunity to exploit a situation.
“Police Scotland is seeing targeted attempts from criminals seeking to exploit the current situation by adapting known techniques to include references to coronavirus, lockdown measures and PPE.
“We remain vigilant to this and seek to get alerts and preventative messaging out where appropriate.”
She added: “This includes all cyber-enabled scams and not just those associated with Covid-19.
“Police Scotland is absolutely committed to providing the best possible service to our communities including the victims and witnesses of crime.”
Ms McLaren said it is “essential” security measures are in place for staff working from home and that access to online meetings is not made public.
She pointed to child sexual exploitation, bullying, scams, frauds and malware attacks as examples of how anyone could become a victim of cyber crime.