COVID 19’S IMPACT ON CYBERSECURITY

ABSTRACT
The emergence of information technology (IT) and its establishment as an almost
ubiquitous aspect of our lives has been one of the defining aspects of the technology
revolution. As we have realized over the years, IT is vital and has helped in economic
and social progression of India.

This very aspect also makes IT a potential target for cyber security even in the most
normal times. Today, as the world grapples with an unprecedented pandemic in the
form of Covid-19, hackers are trying to take advantage of the rapid changes happening
across industries. As social distancing becomes the new normal so does working from
home for employees with lockdowns and commute restrictions coming into place.

This remote setting brings along cyber security threats due to remote access of critical
IT infrastructure by privileged users, use of collaboration tools for team interactions,
availability of enterprise data on endpoint devices, lack of physical oversight of
critical IT infrastructure, additional users new to remote work setting and so on and so
forth.

These cyber risks are leading hackers into leveraging the COVID pandemic to launch
cyber security using it as a lure. Hackers are using the COVID-19 crisis as a part of
their attack with various viruses in forms of ransomwares, data stealers or banking
malwares such as Mustang Panda, Kimsuky and many others.

It’s in such times that digital solutions as a key mitigation tool for these threats gain
utmost importance to ensure that companies are secure, and their communications and
data are efficiently protected. And cyber-security is emerging as a vital shield against
these wrong doers.
INTRODUCTION
COVID-19 had a massive impact on society as a whole at the start of 2020. The virus was
first identified in Wuhan, Hubei, China in December 2019. Subsequently, on the 11th of
March 2020, the virus has been classified as a pandemic by the World Health Organization.
Along with the massive amount of infections across the world, it has also
brought along an era of mass hysteria and confusion. This paper explores the impact the virus
has had on the cyber security landscape and how it is impacting the daily lives
of organisation. The world as we know it will never be the same. The start of the year 2020.
brought along discussions about the coronavirus family of viruses and how they
are impacting our daily live. It is well known that the mass hysteria is having a massive
impact in our society and governments are putting entire countries in lock down.
The focus of this paper is to explore the exact impact the COVID-19 had
within the realm of the cyber security threat landscape of the world. There is
currently massive uncertainty amongst the general public on what is accurate
news and what is fake news. There are also corporations trying to push their
own agenda, amidst this hysteria, whilst cyber criminals are trying to profiteer
out of this pandemic.
This paper is taking allows one to explore what is the current threats that the everyday
organisations are facing. It also provides general guidelines on how the situation should be
handled and how can we alleviate the imminent threats we facing. Doing projections on what
is currently seen and what we expect to happen within the coming months also has the
advantage of reflection upon in the future. Currently, the only known fact is
that there is no end-goal insight for the pandemic and that the world needs to
do something about it.
Throughout this pandemic, it is up to the cyber security specialists to do
their utmost in order to protect the information technology sector. There
is current a massive influx of cyber security attacks being launched daily against
the information technology.
Investigates the cyber security threat landscape during the COVID-19 pandemic with the
expected upcoming cyber security attacks. Discusses the impact that COVID-19 had on the
general public, businesses, and the economy from a cyber security perspective.
BACKGROUND OF THE STUDY
Impact of COVID-19 on cyber security threat.

It has been observed observed a spike in phishing attacks, Malspams and ransomware attacks
as attackers are using COVID-19 as bait to impersonate brands thereby misleading employees
and customers. This will likely result in more infected personal computers and phones. Not
only are businesses being targeted, end users who download COVID-19 related applications
are also being tricked into downloading ransomware disguised as legitimate applications.
Organisations should take proactive steps by advising their staff and customers to be more
vigilant and cautious especially when opening links, emails or documents related to the
subject COVID-19. Organizations should ensure their detection and alerting capabilities are
functional while keeping an eye on the impact of having many remote worker.

With many employees working from home and students learning virtually, enterprise virtual
private network (VPN) servers have now become a lifeline to companies/schools, and their
security and availability will be a major focus going forward. In a bid to achieve this, there is
a possibility that an organisation's unpreparedness will lead to security misconfiguration in
VPNs thereby exposing sensitive information on the internet and also exposing the devices to
Denial of Service (DoS) attacks. In addition to this, some users may utilise personal
computers to perform official duties which could also pose a great amount of risk to
organisations. Organisations should ensure VPN services are safe and reliable as there
promises to be a lot more scrutiny against these services. Furthermore, employees should be
advised against using personal computers for official purpose.

The functioning of many security teams is likely to be impaired due to the COVID-19
pandemic thereby making detection of malicious activities difficult and responding to these
activities even more complicated. Updating patches on systems may also be a challenge if
security teams are not operational. Organizations should evaluate the security defences in
place and explore the use of co-sourcing with external consultants especially for areas where
key man risks have been identified.

Phishing
3.1 Phishing
Phishing is probably the number one item that has seen a massive rise during
these trying times. Society is hungry for information, or even for some form of
relief, and thus phishing is just so much more successful during these times.
Most of the examples that has been witnessed in the wild is e-mails, such as
from tax authorities offering victims “tax refunds” to help them cope with the
coronavirus pandemic. All they had to do was enter their name, address, phone
number, mother’s maiden name and bank card number — a clear scam.
The cyber attackers are also very closely following the global trends and
news. The latest phishing scam that occurred is regarding the 1000 USD to that
United States might offer to each house hold for relief during this difficult times.
Fig. 2. US grant scam sms [35]
3.2 Fake URLs
Fake URLs
Over the past month there has been a massive increase in the procurement of
fake URLs, associated to COVID-19. Typically, the modus operandi is for
scammers to scoop up a bunch of COVID-19 related domains, and to turn them
into malicious malware injection sites. After all of the ‘good’ domains are taken,
the scammers will eventually start preying on the domains containing typos,
using words like ‘coronovirus’ instead of ‘coronavirus’.
The excerpt of the domain names that have been registered during that include the name

corona-emergency.com
corona are as follows:

– combatcorona.com
– buycoronavirusfacemasks.com
– beatingcorona.com
– coronadetection.com
– coronadatabase.com
– corona-crisis.com
– corona-emergency.com
– combatcorona.com
– buycoronavirusfacemasks.com
– beatingcorona.com
– coronadetection.com
– coronadatabase.com
Preying on the good of people

There has been several examples of this in the wild. One of the worst ones in
the past month is where almost 2 million USD was stolen through cryptocurrency
donation scams . The attackers were smart in the sense that they asked the
victims to donate in bitcoins, as it is almost impossible to really trace where the
money ends up eventually.
3.5 Spreading Personal Agendas

Spreading misinformation

Misinformation is one of the biggest enemies to society during this pandemic.

Since the public themselves are doing a spectacular job by sharing sensational
fake news amongst one another, the cyber criminals are only required to publish
the news in a sensational manner. There has been a massive influx in fake news
articles and several companies are actively trying to resolve this. The
Humanitarian-to-Humanitarian. Network has invested 500 000 GBP to
fight against misinformation.
There are several cases of spreading misinformation, but the typical ones that
are currently doing the rounds are regarding fake COVID-19 cures. These people
claim to be renegade doctors repressed by the Chinese or Western governments
who already have vaccines available. In another case, a claim has been made that
the US president has made claims that a cure is available and approved by the
FDA, which was later proven to be false. Several of these fake news websites,
also require users to register to view the news and thus the attack can obtain
personal information from the individual. Downloading of malicious software is
another method of how attackers attempt to steal information with emails having download
links with “Safety measures”.

Malicious Websites

Fig. 3. WHO phishing email [59]

3.7 Malicious Websites
One of the very first cyber attacks related to COVID-19 was regarding the fake
COVID-19 maps. The Johns Hopkins University provided one of the very first
maps which included statistics to the world. This has been a great resource to
society and has proven to be massively beneficial. However, since it was so popular, cyber
attackers made their own ‘fake’ versions of the website that required
you to download a plugin and showing just how convincing the fake pages
can appear. This plugin would then in turn allow an attacker to gain remote
access to your system.
Fig. 4. Fake map with outbreak information [61]

In another example, there has been websites masquerading as the official

communication channels, such as the WHO or Centre for Disease Control (CDC)
and asking recipients to download documents containing safety tips. It has later
been found that most of these malicious websites, and the files that were subsequently
downloaded, contained malware designed to steal banking credentials
or to key log people’s passwords.
3.8 Upcoming Attacks

Upcoming attacks

The importance of discussing upcoming attacks is both a way to determine how

these attacks will evolve, and what can we do in the future. Unfortunately, these
attacks are not going away any time soon. The authors predict that they will just
evolve alongside with the evolution of the pandemic. It is suggested that very
soon we will see malicious websites, fake news and phishing attempts starting to
focus on the following topics:
– Your COVID-19 tests have arrived!
– It is alarming to see what country X did during the outbreak, click here to

- Your COVID 19 tests have arrived.

- It is alarming to see what country X did during the outbreak, click here to view more.
- Finally, your free COVID 19 testing centre has opened. Click here to make your
booking.
RESEARCH OF THE STUDY
This study intends to identify the cyber security threat during the
COVID – 19 pandemic in society in the following aspects:

- Phishing
- Fake URLs
- Preying on the good of people
- Spreading misinformation
- Malicious websites
- Upcoming attacks