We are in the middle of a pandemic crisis, and it is imperative to know all the angles that are affecting, because obviously at this moment we are not conscious of it. Due to quarantine, physical crimes have decreased, but on the other hand, cyberattacks have been increasing considerably, as the environment is just right for cybercriminals to strike, and since the world is completely dependent on Internet and computers, we need to be extremely careful to keep them alive and “healthy”.
Cyberspace is considered a new strategic dimension, there are even logic borders creating globalization with all international institutions and corporations. The impact of COVID-19 on society, from a cybersecurity threat landscape perspective will be briefly discussed in this text, highlighting why cybersecurity education is still of utmost importance. Education, as always, seems to be the number one means on how to prevent many dangers in our world.
As we mentioned, this global crisis scenario provides criminals a massive platform of unsuspected victims. Social engineering is of course, at its peak, exploiting the current emotional state. This is very very unfortunate, because the good qualities of the human being, are also the ones that make people vulnerable to psychological manipulations made by cybercriminals to acquire their desires.
You may notice that most organizations have already requested, their workforce to work remotely from home where possible, which for sure is completely needed, but it could be also “suicidal” if the company didn’t put enough effort to their cybersecurity plans and overalls in raising awareness to their employees.
Several countries, such as Italy and Spain had gone into full lockdown forcing people to stay indoors. This has caused people to become fully reliant on technology for both communication, news, entertainment and social interaction. From this we can assure cyber treats can intensify because:
- A huge amount of people working from home has not been fully trailed by all organizations before, hence results are unknown
- The massive reliance on the online connectivity and network infrastructure of every country
- The curious nature of the human psyche, the emotions we share and how we need attention from others especially in times of uncertainty
- Individuals who are not necessarily `tech-savvy' have to suddenly become accustomed to using technology for their daily lives
With these four important bullets, attacks like phishing, fake news, or oriented malware are gaining important strength. What has happened last weeks will give us perfect cases on how cybercrime is used to attack people.
Phishing
Probably phishing is the most versatile cyberattack because it relies totally on human behavior. It can fit everywhere. Example:
- In the past week, Malwarebytes discovered multiple email scams that prey on the fear, uncertainty, and confusion regarding COVID-19. The problem expands beyond pure phishing scams.
- Malwarebytes has put together an article where they showcase different scam, phishing and spam examples. It's a valuable read and gives you a glimpse of what those impersonating emails and phishing emails look like.
You will see:
- Impersonation of the World Health Organization (WHO) employees
- Phishing emails asking to act fast (before banks close)
- Email with a file for a quick remedy for Coronavirus which includes malicious .doc file
- Email that reports latest cases near you with a malicious .xls file
- Email that also spreads malware
Fake URLS
The idea of Fake URLS is impersonating with a malicious site. Also playing with typos like “coronavirus” instead of “coronavirus”. Domains like:
- corona-emergency.com
- combatcorona.com
- buycoronavirusfacemasks.com
- beatingcorona.com
- coronadetection.com
- coronadatabase.com
Have been impersonated and taken by criminals for malicious intents.
Spreading misinformation
I will illustrate this point with my own country Mexico. The disinformation campaign here is huge and is one of the biggest enemies of Mexican society during this pandemic and in the last few years. While the well-known “respectable” media and their so-called journalists are doing a spectacular job by sharing sensational fake news amongst one another, the cybercriminals are only required to publish the news in a sensational manner. Unfortunately, this kind of “cybercriminals” are also influencers, YouTubers and famous persons which create chaos and make people rely on lies and garbage for exacerbating confusion and disorder. I personally believe, since the situation we are facing is extraordinary, we have reached the point where the government must step in, and place a legal requirement not to spread fake news, making it a criminal offense like the ones currently in place in South Korea, Russia, or some African countries:
“Any person who publishes any statement, through any medium, including social media, with the intention to deceive any other person about:
- COVID-19;
- COVID-19 infection status of any person;
- any measure taken by the Government to address COVID-19 commits an offense and is liable on conviction to a fine or imprisonment for a period not exceeding six months, or both such fine and imprisonment”
There are several cases of spreading misinformation, but the typical ones that are currently doing the rounds are regarding the null response from the government to the COVID-19. These people claim that the Mexican government has not reacted against the pandemic, while WHO is publicly congratulating the Mexican state for their accurate and pre-emptive actions against the crisis. Several of these fake news websites, also require users to register to view the news and thus the attack can obtain personal information from the individual.
Injected Malware
One of the very first cyber-attacks related to the pandemic was regarding the fake maps indicating the spread of COVID-19. The Johns Hopkins University provided one of the very first maps which included statistics to the world, which was extremely useful for society to watch the evolution of the crisis in real time. However, since it was so popular, cyber attackers made their own malicious versions of the website that required you to download a plugin or run an additional executable or script. These would then in turn allow an attacker to gain remote access to your system.
Targeting health care system
Contrary to typically targeted sectors, such as banking/finance or e-commerce, the healthcare sector is now in more danger by cybercriminals.
In the short term, the inability to use all computers jeopardizes the proper functioning of hospitals. Some patients in a state of emergency could therefore be refused entry, while hospitals are waiting for a mass influx in the context of COVID-19 spreading. The state of available stocks of medicines in hospitals and pharmacies can also be encrypted and thus disrupt the proper distribution of medicine. Failure to access data on patients' health and their treatment may result in an inability to treat them properly.
In the long term, shutting down a healthcare institution carries a risk of significant financial loss, since the service cannot operate until the cyberattack has been managed and the damage has been repaired. The cost of repairs can also be extremely high in the short term (data reconstitution, viral decontamination, additional operating costs, etc.).
Future attacks
While it is important to focus on the present, treat intelligent tools should determine how all these attacks will evolve and what we can do to protect ourselves in the future. Many experts predict they will go along with the pandemic. We will for sure see malicious websites or phishing campaigns aiming for the following topics.
- COVID-19 vaccination finally in your country
- Your COVID-19 tests are here!
- Look the devastation that COVID-19 did in Spain after pandemic ended
- A famous person died of COVID-19
- Donate to those countries affected more by COVID-19
Conclusion
It is very unfortunate that society does not always respond to any warnings and this pandemic is a clear example of what we did completely wrong. Nevertheless, focusing on cybersecurity, the biggest impact we see, shall resume in these sentences:
- Inaccurate information has a more negative impact than having no information at all
- It takes a massive amount of mental effort to correct information where people already believe the incorrect versions
- Misinformation has caused a massive amount of time that was wasted during the pandemic
- Individuals knew they had to act, however, there were no real guidelines on how to act when the pandemic struck
- The business has to suddenly implement work from home remotely, something they haven’t prepared at all, and we cannot measure the consequences of this in the short term
- Employees are in real risk locked in their home environments, from the cyber security perspective as all the company perimeter is not in place to protect them
- All individuals are forced to embrace technology; it is almost assumed that everyone has the required technical skills
- Large corporation VPNs cannot handle the load to access the network and thus minimizing productivity while working from their home environment