During the COVID-19 pandemic, criminals have been quick to seize opportunities to exploit the crisis by adapting their modi operandi and engaging in new criminal activities. Cybercriminals have been among the most adept at exploiting the pandemic. The threat from cybercrime activities during the crisis is dynamic and has the potential to increase further. With a record number of potential victims staying at home and using online services across the EU, the ways for cybercriminals seeking to exploit emerging opportunities and vulnerabilities have multiplied.

Europol has been monitoring the impact of the COVID-19 pandemic on the cybercrime landscape since the beginning and has published an updated threat assessment of potential further developments in this crime area. 
Among the forms of cybercrime analysed in the report are:

• ransomware
• DDoS
• child sexual exploitation
• the dark web
• hybrid threats: disinformation and interference campaigns

Europol Executive Director, Catherine De Bolle: This pandemic brings out the best but unfortunately also the worst in humanity. With a huge number of people teleworking from home, often with outdated security systems, cybercriminals prey on the opportunity to take advantage of this surreal situation and focus even more on cybercriminal activities. With this report we want to warn individuals, companies, public institutions and other organisations about these criminal activities. I would also like to draw special attention to the most vulnerable among those victims; I am very concerned about the rise of child sexual abuse online. Europol is investing resources and capacities to support Member States in countering cyber-dependent crime during this difficult situation

The findings of this report are mainly based on contributions from EU Member States and Europol’s partner countries. 

Main findings

• The impact of the COVID-19 pandemic on cybercrime has been the most visible and striking compared to other criminal activities.
• Criminals active in the domain of cybercrime have been able to adapt quickly and capitalise on the anxieties and fears of their victims.
• Phishing and ransomware campaigns are being launched to exploit the current crisis and are expected to continue to increase in scope and scale.
• Activity around the distribution of child sexual exploitation material online appears to be on the increase, based on a number of indicators.
• Both criminal organisations, states and state-backed actors seek to exploit the public health crisis to advance geopolitical interests.

Europol is supporting the national law enforcement authorities in the international coordination of cyber-related cases, by connecting the investigations, facilitating information exchange, operational analysis and forensic services. Europol’s European Cybercrime Centre (EC3) is specialised in supporting the prevention and investigation of cyber-attacks, child sexual exploitation, payment fraud and the online trade of illegal commodities through the dark web, becoming a cybercriminal information hub and a platform for cooperation with the private sector and the cybersecurity community.