The Transnational Cybercrime Extortion Landscape and the Pandemic
Changes in ransomware offender tactics, attack scalability and the organisation of offending
Abstract
The sudden disruption to work, recreation and leisure practices caused by the Covid-19 lockdown caught many organisations and their employees unaware, especially in the move towards working from home. This led adaptive cybercriminals to shift their own focus towards home workers as a way into organisational networks. The upshot has been a massive acceleration in major cyberattacks upon organisations, but also a noticeable shift in offender tactics towards naming and shaming victims, the theft of commercially sensitive data and also attacks upon organisations that provide services to other organisations in order to scale up levels of fear and encourage payment of the ransom. These developments have also led to changes in the organisation of offenders online. Such attacks negatively impact upon national and international economies as they try to recover from lockdown. Drawing upon an analysis of 000 ransomware attacks collected for the XXXX funded projects, this paper charts the changes in cybercrime, the evolution of ransomware and changes in the organisation of cyber-criminals as well as the implications for transnational policing.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
The copyright of individual articles are with the author(s) and CEPOL. Reproduction without alterations is authorised for non-commercial purposes, provided the source is acknowledged.
