Illustration: Eniola Odetunde/Axios

Cyber criminal networks and individual opportunists have leveraged the coronavirus crisis to ramp up schemes to defraud businesses, credulous consumers and governments at all levels.

The big picture: This new wave of cyber crime, documented in a series of indictments, public disclosures and statements from U.S. officials, illustrates why the U.S. government sometimes refers to the “big four plus one” of cyber threats.

  • The big four are the traditional quartet of states known for their cyber capabilities: Russia, China, Iran and North Korea.
  • The “plus one” refers to cash-rich and increasingly adept cyber criminal operations that have now earned equal footing with nation-states.

What’s happening: Since the coronavirus crisis exploded domestically in March, U.S. authorities have mobilized to combat a torrent of related cyber crime. The Justice Department and FBI convened a COVID-19 Working Group, which coordinates closely with the U.S. Secret Service, Cybersecurity and Infrastructure Security Agency, and other agencies.

By the numbers: The scope of the problem is overwhelming. By late May, the FBI’s Internet Crime Complaint Center had received 320,000 complaints over the course of the year, compared to roughly 400,000 complaints in all of 2019.

The FBI: The agency has tracked an increase in online and other fraud related to the Paycheck Protection Program (PPP), which gives loans to small businesses to keep employees on the payroll.

  • The FBI has launched nearly 100 investigations into PPP-related fraud that involve $42 million in funds, and it's clawed back $900,000 from fraudsters.
  • But in some cases, cyber criminals have successfully had victims wire funds to international bank accounts shielded from U.S. law enforcement.

The Secret Service: The acute nature of coronavirus-related fraud has led the U.S. Secret Service, which plays a major role in federal cyber crime investigations, to focus on quickly disrupting these schemes and protecting victims, rather than building prosecutable cases against offenders.

  • Investigators are returning to the question of prosecution after these disruptions have taken place, knowing that quick action may have affected their ability to arrest wrongdoers.

Health care targets: Earlier this year, some cyber criminal groups announced that they were suspending their targeting of the health care sector during the coronavirus crisis. But attacks haven’t stopped.

Stimulus targets: Recently, large-scale stimulus fraud has become a major focus for cyber criminal groups.

  • For instance, cyber criminals, aware of U.S. government efforts to prop up consumer spending, have crafted their messages around recent individual payments to taxpayers, with these groups engaging in stimulus-themed spear-phishing campaigns.

PPE targets: Earlier in the outbreak, much coronavirus-related fraud involved the purchase of personal protective equipment (PPE), which cities and states scrambled to acquire in the initial aftermath of the outbreak in the United States.

  • Using middlemen, states and cities made PPE purchases, sometimes worth many millions of dollars, to procure PPE from foreign countries.
  • Price gouging has been common, and sometimes the transactions have been fraudulent — leading the FBI to step in and stop entire bulk purchases. (In some cases, the federal government and U.S. states battled over PPE orders, leading to charges of political intervention.)

The bottom line: The types of attacks and vectors used by cyber criminals haven't changed in the COVID-19 era.

  • These groups still favor business email compromise and ransomware, for example, often via social engineering schemes, but are updating their content to relate to the coronavirus.
  • From 2014 to late 2019, complaints to the FBI regarding business email compromise scams totaled “more than $2.1 billion in actual losses.”

Go deeper

Updated 3 mins ago - World

Beirut explosion: Death toll rises to 135, officials under house arrest

Photo: Anwar Amro/AFP via Getty Images

The death toll from Tuesday's explosion in Beirut, Lebanon has now surpassed 130, including at least one U.S. citizen, amid a search for answers as to why a huge store of ammonium nitrate was left unsecured near the city's port for nearly seven years.

What we know: The government says around 5,000 people are injured. Defense Secretary Mark Esper said current indications are that the massive explosion was accidental, despite President Trump's puzzling claim on Tuesday evening that it appeared to be a bomb attack.

Exclusive: Trump campaign seeks early September presidential debate

Photo: Jim Watson/AFP via Getty Image

The Trump campaign is asking the Commission on Presidential Debates to move up the last presidential debate to the first week in September to get ahead of an expected surge in early voting.

Driving the news: President Trump's personal attorney, former New York City Mayor Rudy Giuliani, made the request in a letter dated Wednesday and obtained by Axios.

Updated 2 hours ago - Health

N.Y., N.J. and Conn. to require travelers from 35 states to quarantine

Photo: Spencer Platt/Getty Images

Travelers from 35 states are now required to quarantine for 14 days when traveling to New York, New Jersey and Connecticut, per New York state's health department.

What's new: New York City will set up bridge and tunnel checkpoints to enforce the quarantine order, Mayor Bill de Blasio said Wednesday, per the Wall Street Journal.