Introduction
It has been almost five
years since the COVID-19 pandemic changed our daily habits. Besides a health
crisis, it also increased the number of cybercriminals who took advantage of
this period. It all began when people started working from home on laptops, anxiety
started to become more common in our lives, and digital communication
increased. More and more malicious actors began to launch attacks against
individuals, services, and healthcare systems. This study analyses cyberattacks
during the COVID-19 period, the causes that enabled these attacks, and what the
world has learned from these incidents.
Incident Context
As the pandemic spread
rapidly, there was a massive shift in workplaces and digital behaviours as
millions of people began working from home, relying on various devices to
communicate online. With this forced transition, the number of cyber threats
increased by 600%, with phishing attacks reported in March 2020 alone,
targeting both individuals and large companies (Shi, 2020). During the
pandemic, attackers used various methods such as phishing emails that cloned
healthcare systems like the World Health Organization (WHO) (Gallagher &
Brandt, 2020).
Cyberattack Details
Cyber events during
COVID-19 included: financial scams, phishing campaigns, ransomware attacks, and
unauthorized access attempts supported by nation-states, targeting COVID-19
research. The most common cyberattacks included phishing and social engineering.
According to an Interpol report, between January and April 2020, there were
907,000 spam messages, 737 malware threats, and 48,000 malicious
COVID-19-related URLs (Davis, 2020).
Phishing and Malware
The preferred method of
cybercriminals was phishing, as they sent emails and SMS messages pretending to
be from health authorities. These emails contained fake links mimicking trusted
sources, such as the COVID-19 tracker. In April 2020, Google announced that it
was blocking 18 million phishing emails related to COVID-19 daily (Kumaran
& Lugani, 2020).
Ransomware Attacks on Healthcare Systems
Healthcare organizations
and hospitals were targeted by ransomware attacks during the COVID-19 pandemic.
Cybercriminals took advantage of vulnerabilities in these systems, demanding
payments for the recovery of important data. In March 2020, the Public Health
District was affected by the Netwalker ransomware attack, disrupting healthcare
services (The Register, 2020).
Advanced Persistent Threats (APT) and COVID-19 Research
Nation-states like China
and Russia were linked to supporting groups that attacked pharmaceutical
companies, research institutions, and vaccine developers to access intellectual
property related to COVID-19 treatments and vaccines (FBI, 2020). A joint alert
issued by the UK National Cyber Security Centre (NCSC) and the US Cybersecurity
and Infrastructure Security Agency (CISA) indicated the use of tactics such as
"password spraying" and exploiting VPN vulnerabilities to gain
unauthorized access to sensitive COVID-19 research information (NCSC, 2020).
Impact on Individuals and Organizations
During the COVID-19 pandemic, numerous cyberattacks affected both individuals and organizations. Individuals faced financial attacks and identity theft, while healthcare organizations experienced operational system disruptions and financial losses. For example, the UK recorded over 160,000 reports of suspicious emails in May 2020, and COVID-19-related scams caused an estimated £4.6 million in losses for British victims (Sky News, 2020).
The increased demand for
cybersecurity resources put pressure on the IT sector, which had to quickly
adapt to remote working, ensuring the protection of important data and employee
safety. This situation led to a rise in cybersecurity spending. By 2027, cybersecurity
spending is projected to reach $281 billion due to the pandemic (Allied Market
Research, 2020).
Statistical Analysis
COVID-19 statistics highlight the extent of cyber risks during a global crisis:
1. Phishing Attacks: The number of phishing emails increased by 600% in March 2020 (Shi, 2020).
2. Ransomware Payments: In the second quarter of 2020, ransomware payments reached $178,254, a 60% increase compared to the previous quarter (Davis, 2020).
3. Daily Phishing Attempts: In April 2020, Google blocked 18 million COVID-19-related phishing attempts daily (Kumaran & Lugani, 2020).
4. These
figures highlight the threats during times of uncertainty and how hackers
exploited vulnerabilities.
Implications for Cybersecurity
Cyberattacks during the COVID-19 period highlight several critical areas for improving cybersecurity practices:
1. Securing Remote Work: Companies need to develop infrastructure for remote work with the help of Virtual Private Networks (VPNs), multi-factor authentication, and employee training on phishing attacks.
2. Cyber Protection in Healthcare Systems: Protecting electronic health data and healthcare systems.
3. Regulations and Policies: Governments need to develop policies against cyberattacks. In the UK, the National Cyber Security Centre is an example of cybersecurity defence.
4. Increasing Public Awareness: User education is essential. Awareness campaigns can help reduce phishing threats and other scams, especially during critical times when hackers use social engineering methods.
---------------------------------------------------------------------------------------
Reference List:
1. Lallie, H. S., Shepherd, L. A., Nurse, J. R., Erola, A., Epiphaniou, G., Maple, C., & Bellekens, X. (2021). Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & Security, 105, 102248. https://doi.org/10.1016/j.cose.2021.102248
2. INTERPOL (2020) INTERPOL report shows alarming rate of cyberattacks during COVID-19. Available at: https://www.interpol.int/en/News-and-Events/News/2020/INTERPOL-report-shows-alarming-rate-of-cyberattacks-during-COVID-19 (Accessed: 10 November 2024).
3. Oxford Academic (2021) Healthcare cyberattacks and the COVID-19 pandemic. Available at: https://academic.oup.com/intqhc/article/33/1/mzaa117/5912483 (Accessed: 8 November 2024).
4. IEEE Xplore (2024) Ransomware attacks of the COVID-19 pandemic: Novel strains, victims, and threat actors. Available at: https://ieeexplore.ieee.org/document/10308425 (Accessed: 13 November 2024).