The COVID-19 pandemic not only poses a threat to our health, but also to our businesses and governments. Our data gathering and analyses show that cybercriminal activity has risen consistently in step with outbreak peaks in regions around the world. The correlation suggests that as citizens, corporate entities, and governments focus on saving lives, cybercriminals use the diversion to penetrate systems worldwide.
This case study report analyzes the criminal activity three months after the official COVID-19 outbreak in Wuhan, China—mid-December 2019 through mid-March 2020. The damaging impact on the online IT infrastructure, and on the existing measures in place to protect individuals, organizations, and countries, is significant.
Herein we demonstrate the findings and our CIM-CTI analysis, based on social media platforms, the Dark Web, and attacks to our global BlackPot system, where we engaged hackers so that we could observe, capture, and analyze their behavior, keywords, and patterns. This engagement creates an ongoing intel database on-the-fly.