The COVID-19 pandemic has brought unprecedented challenges to societies worldwide, not only in public health but also in cybersecurity. As the world grappled with the effects of the coronavirus outbreak, cybercriminals wasted no time in exploiting the vulnerabilities that emerged during this crisis. The convergence of a global pandemic and an increasingly interconnected digital landscape created the perfect breeding ground for cyber threats and attacks. In this article, we will explore how COVID-19 posed a significant threat to cybersecurity and the measures that businesses and individuals should take to mitigate these risks.
Since the onset of the pandemic in early 2020, cybercriminals have leveraged the fear and uncertainty surrounding COVID-19 to launch various cyber-attacks. One of the most prevalent tactics employed is phishing, wherein malicious actors send deceptive emails or messages impersonating legitimate organizations, such as health agencies or government bodies, to trick recipients into revealing sensitive information or downloading malware. According to the National Cyber Security Centre, phishing attacks related to COVID-19 surged in March 2020, with cybercriminals exploiting the heightened interest and concern surrounding the pandemic.
What are the 5 types of cyber attacks?
BEC Scams
Business email compromise (BEC) scams exploited the increased reliance on email communication during the pandemic. In April 2020, the U.S. Federal Bureau of Investigation (FBI) reported an increase in BEC scams targeting organizations involved in the distribution of medical supplies and personal protective equipment (PPE). These scams involved fraudulent emails impersonating legitimate suppliers, tricking businesses into making payments for nonexistent products or services.
Ransomware
Another concerning trend that emerged during the pandemic is the increase in ransomware attacks. Ransomware is a type of malicious software that encrypts a victim’s data and demands a ransom payment in exchange for its release. As businesses and individuals shifted to remote work due to lockdowns and social distancing measures, the use of remote systems and networks created additional security vulnerabilities. Cybercriminals exploited these weaknesses, launching ransomware attacks that crippled numerous organizations and extorted significant sums of money. According to a security company, the first quarter of 2020 saw a 148% increase in ransomware attacks compared to the previous year.
Phishing Attacks
During the COVID-19 pandemic, phishing attacks related to the virus became increasingly prevalent. One example of a phishing attack during this time involved cybercriminals impersonating reputable health organizations, such as the World Health Organization (WHO) or the Centers for Disease Control and Prevention (CDC), to deceive individuals and exploit their fears and concerns surrounding the pandemic.
In this phishing attack, individuals received emails or messages that appeared to be from these health organizations, offering COVID-19-related information, updates, or safety guidelines. The messages were designed to look convincing, often including official logos and language that mirrored legitimate communications.
The attackers would typically include a sense of urgency or importance in the message, urging recipients to take immediate action. For instance, they might claim that the recipient has been exposed to someone with COVID-19 and needs to provide personal information for contact tracing purposes or to access testing or treatment options.
To further deceive individuals, the phishing emails often contained links to seemingly legitimate websites that mimicked the official websites of health organizations. When individuals clicked on these links, they would be directed to fraudulent websites that appeared genuine but were designed to steal personal information, such as login credentials, credit card details, or social security numbers.
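The traits described above (a claimed WHO or CDC identity, an urgent call to action, and links to a look-alike site) can be checked mechanically during mail triage. The following is an added example, not code from the original article; the official domains, the urgency phrases and the sample messages are assumptions made for the illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: official domains of the two organisations the article names.
BRANDS = {
    "WHO": (re.compile(r"\bWHO\b|(?i:world health organi[sz]ation)"), ("who.int",)),
    "CDC": (re.compile(r"\bCDC\b|(?i:centers for disease control)"), ("cdc.gov",)),
}
# Illustrative pressure phrases; tune them for your own mail flow.
URGENCY = re.compile(r"immediately|urgent|within \d+ hours|you have been exposed", re.I)
URL = re.compile(r"https?://[^\s<>]+")

def under(host, domains):
    """True if host is one of the domains or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def triage(raw):
    """Return a sorted list of findings for one plain-text RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    body = msg.get_payload()
    claimed = display + " " + msg.get("Subject", "")
    findings = set()
    for brand, (pattern, domains) in BRANDS.items():
        if not pattern.search(claimed):
            continue  # the message does not claim to come from this organisation
        if not under(sender_host, domains):
            findings.add(f"{brand}: sender domain {sender_host} is not official")
        for url in URL.findall(body):
            host = urlparse(url).hostname
            if not under(host, domains):
                findings.add(f"{brand}: link to {host} is off-domain")
    if URGENCY.search(body):
        findings.add("urgency language")
    return sorted(findings)

# Constructed sample messages (not real traffic); .example hosts are reserved names.
PHISH = ('From: "World Health Organization" <alerts@who-int.example>\n'
         "Subject: COVID-19 exposure notice\n\n"
         "You have been exposed. Confirm your details immediately:\n"
         "http://who-int.example/contact-tracing\n")
LEGIT = ("From: WHO Media <media@who.int>\n"
         "Subject: WHO situation report\n\n"
         "Read the report at https://www.who.int/emergencies\n")
```

The suffix match in `under` is what separates `www.who.int` from a look-alike such as `who-int.example`; a plain substring test on the brand name would accept both.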
Malware Attacks
One example of a malware attack during the COVID-19 pandemic involved the distribution of malicious software disguised as COVID-19-related resources or information. Cybercriminals exploited people’s increased reliance on digital platforms for pandemic-related news and updates to spread malware.
In this scenario, individuals might receive emails, social media messages, or download files from seemingly legitimate sources that claimed to provide important COVID-19 information, such as safety guidelines, tracking maps, or vaccine updates. However, these files or links contained hidden malware that, when executed or accessed, infected the victim’s computer or device.
The malware could take various forms, such as viruses, worms, or ransomware. Once installed, it could enable the attacker to gain unauthorized access to the victim’s system, steal sensitive information, or encrypt files and demand a ransom for their release.
For example, there were instances where individuals received emails purportedly containing COVID-19 safety guidelines or updates from health organizations. These emails would include attachments that, when opened, triggered the installation of malware on the recipient’s device.
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
During the COVID-19 pandemic, there have been instances of Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks that disrupted online services or websites related to COVID-19 information, healthcare, or essential services. These attacks aimed to overwhelm the targeted systems or networks with a flood of traffic, rendering them inaccessible to legitimate users. While specific examples during the COVID-19 pandemic are not readily available, it is important to understand the nature of DoS and DDoS attacks and their potential impact during this time.
A DoS attack involves flooding a target system or network with a high volume of traffic, rendering it unable to respond to legitimate requests. These attacks typically originate from a single source. In the context of the COVID-19 pandemic, cybercriminals could have targeted healthcare or government websites to disrupt critical services, disseminate false information, or cause panic among the public.
DDoS attacks, on the other hand, involve multiple sources, often compromised computers or devices forming a botnet. Coordinated by a control server, these compromised devices simultaneously send massive amounts of traffic to overwhelm the target. In the context of COVID-19, DDoS attacks could have been launched against healthcare systems, testing centers, or government websites, hindering their ability to provide accurate information, distribute resources, or carry out essential functions.
These types of attacks during a global health crisis can have severe consequences. They can hinder access to vital information, disrupt essential services, and potentially endanger lives. Organizations and individuals responsible for maintaining critical infrastructure and delivering essential services need to be vigilant and implement robust cybersecurity measures to mitigate the risks associated with DoS and DDoS attacks.
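The single-source versus multi-source distinction drawn above matters for the response, because blocking one address stops a DoS flood but not a DDoS flood. The following added example (not from the original article) labels fixed time windows of request records accordingly; the thresholds and the traffic are constructed assumptions, not measured values.

```python
from collections import Counter

# Assumed thresholds for this illustration; derive real ones from a traffic baseline.
WINDOW_S = 10          # window length in seconds
FLOOD_REQS = 100       # requests per window treated as a flood
DOMINANT_SHARE = 0.8   # share from one source that marks a single-source flood

def classify_windows(events):
    """events: iterable of (epoch_seconds, source_ip). Returns {window_start: label}."""
    windows = {}
    for ts, src in events:
        windows.setdefault(ts - ts % WINDOW_S, Counter())[src] += 1
    labels = {}
    for start, per_src in sorted(windows.items()):
        total = sum(per_src.values())
        top_src, top_count = per_src.most_common(1)[0]
        if total < FLOOD_REQS:
            labels[start] = "normal"
        elif top_count / total >= DOMINANT_SHARE:
            # One address dominates: a per-source block or rate limit is enough.
            labels[start] = f"single-source flood from {top_src}"
        else:
            # Load is spread out: per-source limits will not bring the total down.
            labels[start] = f"distributed flood from {len(per_src)} sources"
    return labels

def sample_events():
    """Constructed traffic using documentation address ranges (RFC 5737)."""
    events = [(t, f"198.51.100.{t % 5}") for t in range(10)]               # quiet window
    events += [(10 + i % 10, "203.0.113.7") for i in range(150)]           # one noisy source
    events += [(10 + i % 10, f"198.51.100.{i % 5}") for i in range(10)]    # background users
    events += [(20 + i % 10, f"192.0.2.{i % 60}") for i in range(180)]     # 60 sources, 3 each
    return events
```

In the third window no single source sends more than three requests, so any per-source threshold set high enough to spare normal users never fires; only the aggregate count reveals the flood.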
How Cyber Attacks Changed
The rapid transition to remote work also posed unique cybersecurity risks. With employees working from home, organizations had to ensure that their remote systems and networks were adequately secured. However, many businesses and individuals were unprepared for this sudden shift, lacking the necessary security measures and best practices to protect sensitive data. Remote access to company networks and data presented an opportunity for cybercriminals to gain unauthorized access and exfiltrate sensitive information. Human error, such as weak passwords or falling victim to social engineering tactics, further exacerbated these risks.
The COVID-19 pandemic changed the cybersecurity landscape in several ways. Cybercriminals adapted their strategies, becoming increasingly sophisticated in their attacks. They exploited the global crisis to prey on individuals’ and organizations’ vulnerabilities, capitalizing on the fear and uncertainty surrounding the virus. Moreover, the increased reliance on digital communication and the surge in remote work amplified the potential for cybersecurity breaches. The Department of Health and Human Services in the United States reported that, during the pandemic, millions of people were affected by data breaches exposing personal information, including social security numbers.
Combatting Cyber Threats
To combat these evolving cybersecurity threats related to COVID-19, organizations and individuals must adopt proactive cybersecurity strategies. This includes maintaining up-to-date security protections, such as antivirus software, firewalls, and regular software updates. Additionally, organizations should invest in threat intelligence to detect and respond to potential cyber threats promptly. Implementing multifactor authentication, encrypting sensitive data, and enforcing strong password policies are essential security practices that can significantly reduce the risk of unauthorized access.
Education and awareness are crucial components of cybersecurity defense. Organizations should provide comprehensive training to employees on recognizing and reporting phishing emails and other cybersecurity threats. Employees must understand the importance of data security and adhere to best practices, even when working remotely. Regular communication and reminders about cybersecurity protocols can help reinforce good habits and minimize the risk of human error.
Furthermore, conducting frequent cyber crisis simulation exercises to prepare for potential cybersecurity incidents is highly recommended. These exercises simulate real-life cyber-attack scenarios and test the organization’s response and recovery capabilities. By identifying and addressing any weaknesses in infrastructure security and incident response plans, businesses can better protect themselves against cyber threats.