Congress targets COVID cyber fraud

malware detection (Alexander Yakimov/ 

In addition to loss of life and economic costs, COVID-19 pandemic has also become a cottage industry for cyber-enabled fraud and other schemes.

According to FBI Deputy Assistant Director Tonya Ugoretz, the number of daily complaints to their Internet Crime Complaint Center has tripled and sometimes quadrupled over the past four months. Threat intelligence firms have tracked an explosion of coronavirus themed scams and a broader shift among cybercriminals towards leveraging the pandemic as bait in phishing and extortion schemes, particularly as the federal government and states have moved to disperse hundreds of billions of dollars in relief funds to individuals and businesses.

Lawmakers have put forward a number of bills designed to address cyber fraud, during and after the pandemic. The Internet Fraud Prevention Act would require the FBI, Federal Trade Commission and Federal Reserve to study and report on business email compromise (the FBI already issues public reports on the subject).

The COVID-19 Restitution Assistance Fund for Victims of Securities Violation Act would provide individuals up to $50,000 in restitution if they are victims of securities fraud related to the coronavirus.

Another draft bill, the Senior Investor Pandemic Fraud Protection Act would create a new grant program for states to protect seniors citizens and other vulnerable adults from COVID-related fraud.

At a June 16 House Financial Services hearing, VMWare Head of Cybersecurity Tom Kellerman urged the Senate to pass existing House legislation that would increase information sharing efforts between law enforcement, financial institutions and financial regulators.

Kellerman also suggested other legislative proposals, like pushing the Financial Stability Oversight Council to develop a framework for regulating digital currencies, modernizing money laundering and forfeiture regulations to include cryptocurrencies and digital payments and establishing tax credits for fintech companies that dedicate at least 10% of their IT budgets to cybersecurity.

"The cybercrime community has educated themselves as to the interdependencies that exist in the financial sector, and they've begun to commandeer these very interdependencies to manifest criminal conspiracies," Kellerman told the committee.

Another pending bill would move the U.S. Secret Service – which investigates financial crimes – back to the Department of Treasury. Rep. Denny Heck (D-Wash.), one of its cosponsors, said the government has not invested sufficient money or resources to tackle widespread financial fraud over the past decade and particularly at a time when hundreds of billions of federal relief dollars are flowing to businesses, states and individuals.

"Between the lasting damage done to the federal government's investigative capacity by the Budget Control Act – and it has been diminished -- and the loss of mission focus…resulting from moving the [Secret] Service to the Department of Homeland Security, I think the federal government remains pretty unprepared, by and large, to identify and investigate financial cybercrimes," said Heck.

Kelvin Coleman, Executive Director of the National Cybersecurity Alliance, said that both victims and threat actors are recognizing the value of partnerships. As FCW has reported, threat intelligence firms are increasingly finding evidence that ransomware actors and other hacking groups are working together to compromise a broader set of organizations while sharing in the profits. Coleman recommended "game changing investments" from Congress into cybersecurity awareness and education campaigns to counter those kinds of efforts.

"Bad actors are communicating, bad actors are coordinating, why shouldn't the good guys?" Coleman asked.

About the Author

Derek B. Johnson is a former senior staff writer at FCW.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected