In May, Colonial Pipeline — which supplies nearly half of the East Coast’s fuel — learned it was hit by a cyberattack.
The attack, which feds say was carried about by the ransomware group DarkSide, forced the company to shut down its 5,500-mile pipeline system that stretches from Texas to New Jersey. In response, drivers in the Southeast rushed to fill their cars with gas — drying up gas stations across the region and sparking a fuel shortage.
In the same month, a cyberattack on meat processor JBS forced the company to shut down operations at facilities across the US. Most recently, a ransomware attack halted the online services of the Steamship Authority of Massachusetts, which ferries passengers between Martha’s Vineyard, Nantucket and the state’s outer banks.
Cybercrimes similar to these attacks and attacks on individuals have recently been on the rise, data show. And while experts say a number of factors could be contributing to the jump, some say the Covid-19 pandemic may be partially to blame.
An increase in cybercrimes
In 2020, the FBI collected data for 791,790 suspected internet crimes, an increase of more than 300,000 compared to 2019, according to a report released in March. The top three crimes were “phishing scams, non-payment/non-delivery scams and extortion.”
The FBI says losses related to those crimes totalled more than US$4.2bil (RM17bil).
Between March 12,2020, and May 15,2021, the number of Internet crime complaints jumped from seven million to six million total since 2000, the FBI says. Previously, it took from October 2017 to March 2020 for total complaints to increase by one million.
In April 2020, FBI officials said they were receiving between 3,000 and 4,000 cybercrime complaints each day — up from 1,000 daily complaints before the Covid-19 pandemic, The Hill reported.
Industry experts estimate that, in 2021,”almost six ransomware attacks will occur every minute” — an increase from “one attack every 40 seconds in 2016 and one every 14 seconds in 2019,”consumer information site Safeatlast says.
In 2021, ransomware recovery costs are expected to surpass US$20bil (RM82bil), the group says.
What’s causing the increase?
Today ransomware attacks are more advanced than in the past, Safeatlast says.
“According to cybersecurity experts, hackers have learned they shouldn’t target thousands of victims at once and expect a few of them to succumb to their demands,” the group says. “Instead, cybercriminals now focus on specific organisations that are more likely to pay the ransom to have their data restored as soon as possible.”
Additionally, hacking groups are increasingly using cryptocurrency, which is harder to trace, to demand ransom, according to Safeatlast.
But some say the pandemic could also have played a role in the increase in cyberattacks.
Digital communications company Investisdigital wrote in May that ransomware attacks are becoming more common in part because “malicious parties are capitalising on companies being distracted by the massive disruption caused by the Ccovid-19 pandemic.”
Cybercriminals took advantage of companies adjusting to the “unique challenges” of remote work by carrying out hacks, data breaches, video hijacks and fraud, the Cincinnati Business Courier reported in June 2020.
Microsoft also said in 2020 cybercriminals did “adapt their tactics to match what was going on in the world.”
“It wasn’t until Feb. 11, when the World Health Organisation named the global health emergency as ‘COVID-19’, that attackers started to actively deploy opportunistic campaigns,” Microsoft says. “The week following that declaration saw these attacks increase eleven-fold.”
The FBI noted there was a surge in Internet crimes “exploiting the Covid-19 pandemic” in 2020. It says it received “over 28,500 complaints related to Covid-19, with fraudsters targeting both businesses and individuals.”
Microsoft says its data shows the surge in coronavirus-related attacks was “really a repurposing from known attackers using existing infrastructure and malware with new lures” and that cybercriminals targeted key players working to address the pandemic.
“These shifts were typical of the global threat landscape, but what was peculiar in this case was how the global nature and universal impact of the crisis made the cybercriminal’s work easier,” Microsoft says. “They preyed on our concern, confusion and desire for resolution.” – The News & Observer/Tribune News Service