« ESG投資の進化、Society 5.0の実現、そしてSDGsの達成へ(経団連・東京大学・GPIFの共同研究報告書) | Main | EU Ethics Guidelines for Trustworthy AI(信頼できるAIのためのEU倫理ガイドライン) »

2020.03.28

Europol 犯罪者がCOVID-19パンデミックを使ってどうやって稼ぐか?

こんにちは、丸山満彦です。

Europolが「Pandemic profiteering: how criminals exploit the COVID-19 crisis」を公表していますね。。。Cybercrimeも含まれていますね。。。

  • CYBERCRIME
  • FRAUD
  • COUNTERFEIT & SUB-STANDARD GOODS
  • ORGANISED PROPERTY CRIME
  • OTHER CRIMINAL ACTIVITIES

Europol

・2020.03.27 HOW CRIMINALS PROFIT FROM THE COVID-19 PANDEMIC

・2020.03.27 PANDEMIC PROFITEERING: HOW CRIMINALS EXPLOIT THE COVID-19 CRISIS

 ・[PDF] Pandemic profiteering how criminals exploit the COVID-19 crisis


 

CYBERCRIME

KEY FINDINGS

  • The global pandemic of COVID-19 is not only a serious health issue but also a cybersecurity risk.
  • Criminals swiftly took advantage of the virus proliferation and are abusing the demand people have for information and supplies. Criminals have used the COVID-19 crisis to carry out social engineering attacks, namely phishing emails through spam campaigns and more targeted attempts such as business email compromise (BEC).
  • There is a long list of cyber-attacks against organisations and individuals, including phishing campaigns that distribute malware via malicious links and attachments, and execute malware and ransomware attacks that aim to profit from the global health concern.
  • Information received from law enforcement partners strongly indicates increased online activity by those seeking child abuse material. This is consistent with postings in dedicated forums and boards by offenders welcoming opportunities to engage with children whom they expect to be more vulnerable due to isolation, less supervision and greater online exposure.
  • The pandemic has an impact on Darkweb operations. Certain illicit goods will become more expensive, as source materials become unavailable. Vendors on the Darkweb offer special corona goods (scam material) at discounts.

OUTLOOK

  • The number of cyber-attacks is significant and expected to increase further. Cybercriminals will continue to innovate in the deployment of various malware and ransomware packages themed around the COVID-19 pandemic. They may expand their activities to include other types of online attacks.
  • Cybercriminals are likely to seek to exploit an increasing number of attack vectors as a greater number of employers adopt telework and allow connections to their organisations’ systems.

Attack on critical health infrastructure

  • Cybercriminals carried out a cyber-attack on Brno University Hospital Brno, Czechia amid the COVID-19 outbreak in Europe. Since a state of emergency was declared in Czechia on 12 March 2020, the attack was considered an attack on a critical infrastructure.
  • The incident prompted the hospital to postpone urgent surgeries and reroute new acute patients to a nearby alternative hospital.
  • The hospital was forced to shut down its entire IT network during the incident and two of the hospital’s other branches, the Children’s Hospital and the Maternity Hospital, were also affected.1
  • These types of attack during a public health crisis such as the COVID-19 pandemic are particularly threatening and carry very real risks to human lives.

1 ZDNet 2020, Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak, accessible at https://www.zdnet.com/article/czech-hospital-hit-by-cyber-attack-while-in-the-midst-of-a-covid-19-outbreak/

 

|

« ESG投資の進化、Society 5.0の実現、そしてSDGsの達成へ(経団連・東京大学・GPIFの共同研究報告書) | Main | EU Ethics Guidelines for Trustworthy AI(信頼できるAIのためのEU倫理ガイドライン) »

Comments

Post a comment



(Not displayed with comment.)


Comments are moderated, and will not appear on this weblog until the author has approved them.



« ESG投資の進化、Society 5.0の実現、そしてSDGsの達成へ(経団連・東京大学・GPIFの共同研究報告書) | Main | EU Ethics Guidelines for Trustworthy AI(信頼できるAIのためのEU倫理ガイドライン) »