Hackers torn over how to adapt their tactics to the coronavirus pandemic

Some hackers thrive, while the business models of others collapse, and some refrain from exploiting the crisis altogether

The hacking community is said to be split over how to adapt their tactics to the coronavirus crisis, with many thriving off the back of mass-remote working while other groups have seen their business models collapse overnight.

Despite a recent explosion in cyber criminal activity, the picture beneath the surface is far more complex, with different strands undergoing mixed fortunes, and another group of hackers refraining from engaging in any COVID-19-related activity whatsoever. 

Nevertheless, businesses and individuals have certainly felt a crescendo of activity. With many individuals now working from home, and much more work and social activity being conducted online, the level of phishing has climbed sharply, for example.

Although cyber criminals are quickly adapting their operations to the changing world, the reactions among different groups have ranged from excitement to desperation, according to an analysis by Digital Shadows.

“Digital Shadows has observed threat actors operating on cybercriminal forums and marketplaces expressing their worries and a sense of desperation as to how the pandemic will affect their established business models,” the cyber security organisation said.

“Some are urgently trying to adapt their offerings to survive in this vastly changed landscape. Other cybercriminals see an opportunity to profit from mass hysteria and panic or take advantage of the increased online exposure that virus-tackling measures have inadvertently caused.”

With many workers around the UK forced to self-isolate and work from home, there’s been a marked rise in online shopping. Some cyber criminals are exploiting this trend by engaging in more carding activity, also termed the trafficking of payment information, because it’s more difficult to attribute fraud given the sheer rise in the volume of transactions.

Users on high-profile hacking forums have been predicting this trend for some time, and gearing their tools for the inevitable rise in online shopping. One user on a Russian-language platform, for example, observed that “everyone is afraid to go out on the streets” and so they’re choosing what they feel is the safer option.

This is part of a wider trend of cyber criminals enquiring as to how they can exploit the situation for personal gain. Many on exploit forums have also launched well-timed side-ventures that involve selling coronavirus face masks or miracle cures, having previously engaged in selling drugs or carding in the past.

There’s a divide between those pivoting to coronavirus exploits in order to increase their income and those doing it out of necessity given their collapsing business models. Specialist cyber criminal outfits, targeting aspects of work life such as travel or events, have seen revenues dry up overnight.

This form of fraud has been particularly hard-hit, given that people have refrained from flying en masse and that borders are closing around the world. One cyber fraudster offering fraudulent tickets for same-day events posted an update suggesting “everything is closed for 2 weeks” as a result of the cancellation of events.

Another user, who had for years targeted tourism, hotels, and air travel, started a thread headlined “find a job for an old man”.

He noted that “since the world decided to spin up a cool scam codenamed ‘coronavirus’ which will likely lead to another crisis... I am left without earnings for an indefinite period”.#

Not all cyber criminals are joining in with the trend of adapting their businesses to the coronavirus pandemic, however, with some deciding to take a step back entirely from this area for moral reasons.

Digital Shadows research from last month examining the reaction to COVID-19 across the dark web, found that some cyber criminals have been actively discouraging others from exploiting the crisis.

Many suggest that conventional cyber crime is lucrative enough that no pivots are necessary, while others have expressed solidarity with victims and shared personal stories about how coronavirus has affected them and their neighbourhoods.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

The future tech helping battle the pandemic
Technology

The future tech helping battle the pandemic

20 Oct 2020
Transforming training with virtual reality
Careers & training

Transforming training with virtual reality

20 Oct 2020
What is hacktivism?
hacking

What is hacktivism?

13 Oct 2020
Microsoft: Iranian hackers are exploiting ZeroLogon flaw
Security

Microsoft: Iranian hackers are exploiting ZeroLogon flaw

6 Oct 2020

Most Popular

The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
Mobile browser flaw exposes users to spoofing attacks
Security

Mobile browser flaw exposes users to spoofing attacks

21 Oct 2020