Q&A  | 

Malware is resurfacing

We saw specific malware resurface after years – like the Cerberus banking Trojan – adapted to this new pandemic scenario


Reading Time: 3 minutes

Craig Jones is Cybercrime Director at INTERPOL, whose cybercrime work has two fundamental goals: reducing the global impact of cybercrime and protecting communities for a safer world through a range of policing capabilities in 194 member countries.

“We saw specific malware resurface after years – like the Cerberus banking Trojan – adapted to this new pandemic scenario”, he says.

What is cybercrime?

Cybercrime is a phenomenon without borders. It is a global threat affecting more than 4.5 billion people online today. Simply put, cybercrime is the use of information and communications technologies for criminal purposes. 

INTERPOL uses to broad categories to evaluate cyber threats:

  • Cyber-dependent crime, which can be committed through computer systems against the confidentiality and integrity of computer data and systems, and
  • Cyber-enabled crime – ‘traditional’ crimes like investment fraud or money laundering that use computer networks or other information communication technologies to increase their scale or reach. 

What makes us vulnerable to it?

The pandemic and related lockdown measures have further accelerated the merging of our physical and cyber spaces and increased our reliance on connectivity for many of our basic tasks – both in our work and personal lives.

Cybercriminals see this increased reliance on the Internet as an opportunity – especially in the COVID-19 context. Malware attacks have increased in quantity and evolved in their choice of targets.  

We saw specific malware resurface after years – like the Cerberus banking Trojan – adapted to this new pandemic scenario. 

Cybercriminals have also shifted their targets to governments and critical infrastructure, which play a crucial role in responding to the pandemic, to maximize the damage and their financial gain. 

Which kinds of cybercrime are there and which are the more common kinds of attacks?

COVID-19-related criminal activities range from ransomware attacks against hospitals, online scams on medical products – such as vaccines – and government relief funds, to name a few. 

Business e-mail compromise also continues to grow, affecting the financial sector significantly. Data breaches gained momentum through unpatched software and apps, using stolen credentials from phishing, Trojan stealers and remote access Trojans. 

No sector is safe and no system is safe. It was also clear how threats converged on specific regions at the height of the crisis.  

We have seen complex frauds hitting victims in Europe and proceeds being routed as far as West Africa and SouthEast Asia within hours.

Does the Internet of things and the fact that more devices than ever are connected to the net make us especially vulnerable? Is there any truth in the hackers breaking into your coffee maker and holding it ransom legend?

Anything that is connected to a network can be a target of cybercrime. IoT devices often have security vulnerabilities that could allow criminals to disrupt their function, take control remotely or even gain wider access to their networks for further attacks.

This is why there are movements such as ‘security by design’ or ‘security by default’. INTERPOL is continuously working with our private partners who keep us abreast of these developments and allow us to stay one step ahead of the cybercriminals. 

How can we protect ourselves from cybercrime?

A single cyber incident can affect multiple jurisdictions. The borderless nature of cybercrime underlines the importance of INTERPOL’s unique capacity to marshal a global law enforcement response and connect our member countries with information from the private sector. 

When you see new sectors under attack around the world – with techniques and tactics that are being replicated – it is critical to have a global platform that can exchange information securely and react rapidly. 

INTERPOL provides such a service, network and tools. The exchange of data – between police forces, the private sector, the CERT community and NGOs – is also key. Law enforcement must be seen as a trusted, effective partner to share information with. 


More specifically, we recommend that organizations of any size: 

o   Make sure staff are trained on basic digital security, cyber threat awareness and good cyber hygiene. 

o   Develop a comprehensive digital security policy and install applications to prevent malware infection. 

o   Tighten and routinely evaluate security measures to prevent information leakage and invest in multi-factor authentication. 

o   Review if data segmentation can reduce the risk of exposure. 

How profitable is cybercrime and how much is it likely to grow in the next few years?

Many figures related to cybercrime paint a disturbing picture. A report by McAfee estimated cybercrime costs to be $1 trillion globally in 2020. Ransomware criminals are thought to have made about $350 million in 2020, which represents a 311% increase over ransomware payments in 2019, according to Chainalysis.

The World Economic Forum Global Risks Report 2020 selected cyberattacks as the second greatest risk that businesses will face over the next 10 years.

With the increasing use of Cybercrime-as-a-Service and ever-evolving social engineering tactics, cybercrime will continue to grow and diversify. INTERPOL is determined to fight against cybercrime by building a strong global law-enforcement response to reduce the impact of cybercrime and protect communities for a safer world.