ONS Reports Huge Spike in Cybercrime and Fraud During COVID-19
Fraud and computer misuse offenses rose by 43% in the year ending June 2021 compared with the pre-COVID year ending June 2019, according to estimates from the Telephone-operated Crime Survey for England and Wales (TCSEW).
Published by the Office for National Statistics (ONS), the figures further demonstrated the extent to which crime shifted to the digital space during COVID-19 lockdown restrictions in the UK. There was an estimated 14% decline in total crime excluding computer misuse and fraud in 2020/21 compared with 2018/19.
Computer misuse offenses, defined as fraudsters hacking or using computer viruses or malware to disrupt services, obtain information illegally or extort individuals or organizations, increased by 85% in 2020/21 compared with 2018/19, with a total of 1.8 million incidents estimated to have occurred. This was largely driven by a 161% rise in unauthorized access to personal information (including hacking). This included victims’ details being compromised via large-scale data breaches and victims’ email or social media accounts being compromised.
There was also an estimated 32% rise in fraud cases, according to the TCSEW. This appeared to be largely driven by substantial increases in “consumer and retail fraud” and “advance fee fraud.” This indicates that fraudsters have adapted to new behaviors such as the shift to online shopping and banking during the pandemic.
Commenting on the figures, Dr Süleyman Özarslan, co-founder of Picus Security and head of Picus Labs, said: “A 43% increase in fraud and computer misuse cases is an astonishing spike. Cybercrime is not a victimless crime, and if this spike was seen in another criminal activity, it would be headline news.
“While most forms of crime in the UK have decreased since 2020, especially during lockdowns, the same cannot be said for online fraud. If anything, it has ramped up considerably. The survey notes a 32% increase in fraud incidents and cites ‘advance fee fraud’ and ‘retail fraud’ as key drivers.”
Özarslan added: “The survey also notes a 161% increase in ‘unauthorized access to personal information.’ I believe this indicates cybercriminals’ additional focus on personal data as a money-making asset. Cyber-criminals will regularly sell stolen personal information on the dark web; for example, credit card details with an account balance up to £3500 may cost in the region of £175. Stealing personal data has been lucrative business during the pandemic.”
The ONS claimed the TCSEW provides a better indication of computer misuse offenses as it contains crimes that go unreported to the police. However, some experts have criticized its accuracy as it only highlights incidents that are reported by individuals.
Jed Kafetz, head of pentesting at RedScan, commented: “As for the 85% increase in computer misuse and hacking, I think the crime stats are still playing catch up to reality. The 1.8 million estimated computer misuse offenses are likely to be a fraction of the real number when you consider how many details are lost, stolen and sold during big data breaches in a typical year. I’m sure hacking incidents are grossly underreported because people increasingly expect them in day-to-day life.”