The Transnational Cybercrime Extortion Landscape and the Pandemic: Changes in Ransomware Offender Tactics, Attack Scalability and the Organisation of Offending Pandemic Effects on Law Enforcement Training & Practice: Taking Early Stock from a Research Perspective: Crime and Deviance Special Issue 5 European Law Enforcement Research Bulletin 2022

Special Issue 5 Eur. L. Enf't Rsch. Bull. 45 (2022)
The Transnational Cybercrime Extortion Landscape and the Pandemic: Changes in Ransomware Offender Tactics, Attack Scalability and the Organisation of Offending

handle is hein.journals/elerb5000 and id is 47 raw text is: David S. Wall
School of Law, University of Leeds

UM

Abstract
The sudden disruption of work, recreation and leisure practices caused by the COVID-19 lockdown caught many
organisations and their employees unaware, especially during the move towards working from home. This led
adaptive cybercriminals to shift their own focus towards home workers as a way into organisational networks. The
upshot was a massive acceleration in major cyberattacks upon organisations and a noticeable shift in offender
tactics which scale up levels of fear in victims to encourage payment of the ransom. Such tactics include a shift
towards naming and shaming victims, the theft of commercially sensitive data and attacks targeting organisations
which provide services to other organisations. These developments have also led to changes in the organisation
of offenders online. Such attacks negatively impact upon national and international economies as they try to
recover from lockdown. Drawing upon an analysis of 4000+ cases of ransomware attacks collected for the EPSRC
EMPHASIS & CRITICAL research projects, this paper charts the evolution of ransomware as a modern cybercrime
and also changes in the organisation of cyber-criminals as well as highlighting some of the implications for trans-
national policing.
Keywords: Cybercrime, Ransomware, Crime and the Pandemic, Organised Cybercrime, Policing cybercrime

Introduction'

The 2020 COVID-19 lockdown immediately disrupted
the routine behaviour of billions of people globally by
suddenly forcing them to stay indoors and, in many
cases, work at home. In order to pass their time many
took to their computer devices for leisure and pleasure
and to communicate with others. Very often, work-
ers had to use their personal computing equipment
1 This article is based upon a paper delivered at the CEPOL
(European Union Agency for Law Enforcement Training) Annual
Research Conference, Featured Presentation 16.00, 5 May
2021. https://conference.cepol.europa.eu/cepol-online-confer-
ence-2021 /talk/DBR7WE/

along with varying levels of personal security and risk
awareness. These changes in routine behaviour were
not lost on criminals who quickly adapted in order to
defraud individuals and organisations or gain access to
their networks to inflict more cybercrime. While there
were no new patterns of cybercrime victimisation, oth-
er than pandemic specific scams, there was, however,
a visible change in cybercrime attack vectors which ac-
celerated the exposure of new pandemic related vul-
nerabilities and increased the overall scale and impact
of cybercrime. These changes are best demonstrated
by the case of ransomware, which seeks to encrypt the
victim's data and de-encrypt it once a ransom payment

;CEPOL

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.

Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

What Is HeinOnline?

Purchase Access

Contact Us

Log In

NEED HELP?

CONTACT US

Get started

Subscribe to our Newsletter