Ηow organized crime and cybercrime altered during the COVID-19 period

The COVID-19 pandemic is expected to have a multifaceted impact on serious organized crime, particularly cybercrime. Lifestyle changes that arose in response to the restrictions during the epidemic, such as extended teleworking, widespread internet purchasing, and other behaviors, are unlikely to fade once the lockdown is lifted. As a result, cybercriminals will continue to seek ways to exploit these behaviors, either by modifying existing attacks or developing new ones.

Cybercriminals[1] were prompt to devise methods and tools to exploit the current situation, and new and adapted crime methods that emerged very quickly after the crisis began became the most visible types of crime during the COVID-19 epidemic.


To assist employees who are increasingly working remotely, cybercriminals are targeting vulnerabilities in systems, networks, and apps used by businesses, governments, and schools. As the number of people who use online tools increases, the security mechanisms put in place prior to the virus outbreak become overburdened, and criminals look for new ways to steal data, profit, or create disruption[2],[3].

Organised crime in the COVID-19 era

The pandemic's impact isn't limited to cybercrime; it's also changed how organized crime operates.

Organized crime encompasses a wide range of activities, including illegal protection, drug trafficking, people smuggling, and weapon smuggling, as well as a significant amount of acute instability that jeopardizes the EU's overall stability and security. Theft, drugs, firearms trafficking, tobacco, counterfeiting, and other illicit goods are some of the most common crimes that can be classified as organized crime.

While the COVID-19 outbreak primarily increased cybercrime, there was a shift from organized to domestic crime during this time. This shift was aided by social distancing, a pandemic-imposed measure. When people are duped into buying fake masks, hand sanitizers[4], and other similar items.

Criminals who specialize in counterfeit pharmaceutical and healthcare items were quick to capitalize on the COVID-19 outbreak, adapting their product portfolios to capitalize on legitimate medication[5] shortages as well as ordinary citizens' fears and concerns.

Another factor to consider is that the COVID-19 pandemic has resulted in an increase in the production of medical and sanitary waste throughout the EU. The illegal trafficking and disposal of medical and sanitary waste is a major criminal concern, both in terms of the money generated and the potential harm to public health.

Cybercrime in healthcare

Cybercriminals attack critical infrastructure and response institutions, such as hospitals and medical centers, with disruptive software like ransomware, which are already overburdened by the health crisis.

Such ransomware or DDoS attacks usually aim to obstruct access to critical data or disrupt the system, exacerbating an already dangerous situation in the real world. Given the severity of the threat posed by ransomware[6], By using a regional strategy for operational cooperation with member nations, INTERPOL will also focus on identifying, targeting, and disrupting cybercrime threat actors driving ransomware attacks. As a result, NTERPOL[7] recommends urgent and greater coordination to battle it and avoid a mutual future pandemic.

Profit-driven[8] hackers have been targeting businesses and reconfiguring existing dangerous programs, allowing hackers to take control of data on an infected system and then demand exorbitant sums of money to retrieve it because of the COVID-19 situation.

The mobile phones of people who use apps purporting to offer accurate COVID-19 information with the sole intention of extorting payments are another example of the COVID-19 prohibitions and enhanced organized crime. Phishing campaigns based on coronavirus domain names were launched all over the world.

Phishing[9] emails ostensibly from authorities purported to offer advice in the form of attachments or links containing potential malware, the ability to steal personal information, or the attempt to capture login and password credentials. These emails were sent to keep users from accessing their systems until a fee was paid.

Because the internet has no borders, threats and assaults can come from anywhere at any time, posing difficulties for law enforcement because events may involve suspects, victims, and crimes from multiple countries.

In response to the needs, ROXANNE[10] has begun to leverage cyberinfrastructure by bringing new technologies and capabilities to the ground, such as new model systems for video/image processing and network analysis, as well as assisting law enforcement in detecting various types of illegal activities.

Furthermore, the ROXANNE platform is designed primarily for law enforcement agencies to review large datasets that, when combined, will enable them to identify previously unknown individual offenders in videos and photographs captured by security cameras, mobile devices, and other sources.

Moreover, ROXANNE essentially provides a database for fully automatic face recognition, as well as multiple datasets with various attributes such as gender, ethnicity, and facial expression, which can be used to identify any potential cybercriminals.

Finally, the project intends to fully cooperate in detecting, investigating, attributing, and prosecuting these concerns, as well as dealing with any issues that arise and criminals who use the COVID-19 epidemic for their illicit purposes.


[1] EUROPOL report April 2020 https://www.europol.europa.eu/activities-services/staying-safe-during-covid-19-what-you-need-to-know

[2] Tips for cybersecurity when working from home — ENISA (europa.eu)

[3] https://www.europol.europa.eu/activities-services/public-awareness-and-prevention-guides/safe-teleworking-tips-and-advice

[4] Cybercrime and COVID-19 - News (coe.int)

[5] https://www.justice.gov/opa/pr/doj-announces-coordinated-law-enforcement-action-combat-health-care-fraud-related-covid-19

[6] COVID-19 cyberthreats (interpol.int)

[7] Immediate action required to avoid Ransomware pandemic - INTERPOL

[8] https://www.justice.gov/opa/pr/justice-department-takes-action-against-covid-19-fraud

[9] https://www.enisa.europa.eu/news/enisa-news/understanding-and-dealing-with-phishing-during-the-covid-19-pandemic

[10] https://cordis.europa.eu/project/id/833635