The FBI has seen a spike in cyber crimes reported to its Internet Crime Complaint Center (IC3) since the beginning of the COVID-19 pandemic, as both domestic and international hackers look to take advantage of Americans' daily activities moving increasingly online.
Tonya Ugoretz, the deputy assistant director of the FBI’s Cyber Division, said Thursday that the IC3 was receiving between 3,000 and 4,000 cybersecurity complaints each day, a major jump from prior to the COVID-19 pandemic when about 1,000 complaints were received daily.
“We have increased vulnerabilities online, and increased interest from threat actors to exploit those,” Ugoretz said during a webinar hosted by the Aspen Institute on Thursday.
Ugoretz said many of the hackers are from nation states that have a “desire to gain insight” into COVID-19-related research, and that the “rapid shift to telework” has opened up a huge amount of cyber vulnerabilities for hackers to exploit.
“Countries have a very high interest in information on the virus … such as information on a vaccine,” Ugoretz said. “We have certainly seen reconnaissance activity and some intrusions into some of those institutions, especially those who have identified themselves as working on COVID research.”
The FBI was among a group of federal agencies that on Wednesday put out a joint alert warning of North Korean cyber threats, particularly to financial institutions, with the goal to fund North Korean weapons programs and get around international sanctions.
Ugoretz said Thursday to “not read into the timing” of the alert, but that the FBI and other top agencies hoped to “shine a light” on some of the cyber threats the U.S. is facing.
Cybersecurity companies have reported huge increases in hacking attempts since the beginning of the COVID-19 crisis, particularly in malicious emails that highlight coronavirus in order to trick an individual into clicking on a dangerous link.
Health agencies including the World Health Organization (WHO) and the Department of Health and Human Services (HHS) have been targeted by hackers in recent weeks, along with hospitals and other health care groups in the midst of the pandemic.
Marc Rogers, the executive director of cybersecurity at software company Okta, said during the same webinar on Thursday that while hospitals were “deeply vulnerable” to attacks, the COVID-19 crisis was leading to a surge in cyberattacks in general.
“We’ve seen spikes in cyber crime during Olympic Games or natural disasters, because criminals are aware of anything that causes uncertainty,” Rogers said. “We were not anticipating World War Cyber, which is pretty much what we are facing.”