Just as the coronavirus and the disease it causes, COVID-19, is spreading rapidly around the world, so too is it providing cyber criminals with a rich environment to conduct their cybercrime “business”.
Cyber criminals thrive on uncertainty, and are benefiting from, and exploiting, the public’s fear of, and curiosity regarding, the coronavirus, effectively parasitising what the World Health Organisation (WHO) has declared a pandemic, and in doing so are creating a cyberspace epidemic.
Cybercrime is similar to an infectious disease.
As I argued in the book Cybercrime in the Greater China Region: Regulatory Responses and Crime Prevention Across the Taiwan Strait, cybercrime is similar to an infectious disease. In the parasitising of the coronavirus, we see different types of cybercrime, both cyber-enabled and cyber-dependent crime, as well as fake news and the spreading of misinformation.
Phishing and scam
By using coronavirus-related information as bait, cyber criminals are sending out phishing emails, a fraudulent email that attempts to acquire sensitive personal information, such as user IDs and passwords, by masquerading as a trustworthy entity in an electronic communication. As well as emails, the cyber criminals are using messages on social media such as:
- Facebook Messenger
There are also messages disseminated via phone calls with pre-recorded messages.
Through social engineering methods they find topics that attract people's attention and trust to lure them into opening a link. This includes, for example, information about the coronavirus, how to prevent it or updates on the coronavirus.
The US Federal Communication Commission reported scams targeting diabetic people by providing them free diabetic monitoring and a complimentary testing kit for the coronavirus.
In addition to general phishing, which targets the general public online, we're also witnessing advanced persistent threats (APT), which is a set of phishing attempts that targets specific groups of people or organisations. There are reports that Vicious Panda, a long-running Chinese-based operation targeting governments and organisations worldwide, is leveraging the coronavirus to conduct APT against the Mongolian public sector.
Some scam messages target specific and or vulnerable groups. For example, the US Federal Communication Commission reported scams targeting diabetic people by providing them free diabetic monitoring and a complimentary testing kit for the coronavirus.
Impersonating organisations such as WHO, government organisations and NGOs, cyber criminals are profiting from people donating money or providing credit card details through fake websites or over the phone.
There are also reports that hackers have attacked health organisations’ computer systems, encrypting crucial files using ransomware. Ransomware, as its name indicates, is a type of malicious software used by cyber criminals to encrypt files and demand a ransom to unlock the affected file. Although some leading ransomware operators and hackers have said they will not attack health organisations and facilities during the COVID-19 crisis, there have been attacks on medical centres in the US and Czech Republic.
The Covidlock, an android app that disguises itself as an app to track people infected with the coronavirus, was discovered to be an app used to lock the user’s mobile phone and ask for ransom. Fortunately, the unlock token has been verified, but we have to be alert to the evolution of the app, and that it might continue with more complicated encryption methods.
Fake news and misinformation
Since the start of the coronavirus in the Chinese city of Wuhan in the Hubei province, fake news and information has been spread widely. This has been labelled as an “infodemic”, with fake news spreading more easily than the Wuhan virus itself.
WHO has noted that the spread of rumours and misinformation is hampering the responses to the coronavirus crisis, but not all of the fake news and information is created and shared with malicious intent. Most of it can be easily verified if the reader is alert.
The relationship between Corona beer and coronavirus is a good example. Some media misinterpreted a New York City survey result, saying that one third of the people surveyed will not buy Corona beer because of the COVID-19.
Other fake news and misinformation went so far as to allege that the Italian army had deployed tanks on the street because prisoners had escaped to avoid the coronavirus. Other “news” items claimed that a COVID-19 vaccine was available in Italy for 50 euros.
Maintain your cyber hygiene
In order to prevent internet users from becoming cyber victims, it's important that everyone maintain their cyber hygiene. This includes:
- not clicking on link attachments in emails and/or on text messages that look suspicious
- not downloading any app that is unnecessary
- double-checking and even triple-checking the source of information, examining the truth of the news and messages disseminated
- regularly updating anti-virus software and patches.
While working from home and online learning are becoming the new normal, it's important that parents pay special attention to what their children are doing online to avoid them becoming victims of online scams or other cybercrime.
On the other hand, the new normal also provides cyber criminals with another opportunity to exploit the innocent.
While COVID-19-related ransomware attacks have so far mainly targeted health organisations, it's expected that cyber criminals will shift their sights to schools and universities during the shutdown.
While resources are devoted to creating novel and exciting new online teaching and learning experiences, it's important to consider adding cybersecurity measures. A good backup plan and cybersecurity awareness training will help reduce the damage that could be caused by a ransomware attack.
To receive a fortnightly email wrap up of stories from Lens.