Defending Cyber Crimes during Covid-19

Defending Cyber Crimes during Covid-19

By Adv. Shafay Haider


Cybercrime can be described as a type of crime committed by criminals with the use of computers as a tool. The crime can be anything ranging from downloading movies illegally (Piracy), sending spam emails, or trying to gain access over other’s devices connected to the internet (hacking). Since the internet has no geographical limitations, and boundaries it makes it hard to catch the criminals who committed cybercrimes. Cybercrime has the potentials to impact business, and as well as personal. According to cybersecurity ventures’ annual cybercrime report [1], it is estimated that cybercrime damages 6 Trillion USD by 2021. This estimation can show how serious cybercrime is in a business context. Also, a case study [2] conducted by Ponemon Institute LLC and jointly developed by Accenture points out that the average cost of cybercrime in an organization costs 13 Million USD in 2019, which is 1.4 Million USD higher than previous years.


Covid-19, a Pandemic that turned the world upside down. So far, the world has seen several pandemics before, but Covid-19 is different. Because it bought a threat not only to the physical world but also to the Virtual world (CyberSpace). Day by day the number of cyber attacks increasing dramatically. On 4th August 2020, Interpol released the report [3] which shows the magnificent rate of cyberattacks during this pandemic period. Also, at the moment the attacks are rapidly moving towards small businesses and corporations, governments, and critical infrastructure than to individual targets. When focusing particularly on Southeast Asia, the major threats are Covid-19 related scams, especially Phishing campaigns that mainly themed on Government Covid-19 relief funds. Also, as per IBM’s report [4], between March, and May 2020 there is more 6000 percentage of increases in COVID-19 themed attacks which mainly focuses on Malware sales in the Dark Web. Microsoft security endpoint report [5] reveals that most of the compromises that happened in this pandemic are the results of the attacks that existed earlier. The interesting point to notice here is several malware groups are using the persistence method. During the Covid-19 attacks, the most targeted fields are the critical infrastructure, these include Government organizations, health care, and educational sectors. When getting deep inside the technical part, most of the phishing attacks consists of the URL of advanced malware, so if a single user clicks the URL it can lead to the compromisation of the entire network. With this methodology, the attacker can easily gain access to the network and plant the backdoors which provide persistent access. When particularly focus on Pakistan, the Province Punjab records a high quantity of cybercrimes during the lockdown period [6]. The motivation behind these attacks is to compromise the device and acquire banking details. One more interesting cybercrime happened is infected mobile applications such as CoronaSafetyMask [7] that scam the people by announcing they will provide the mask, then collected the money, then installed the trojans like Ginp, Anubis, and Cerberus on the devices.


When we look into the cybersecurity chain, the human is the most vulnerable target, no matter how secure the system is, a single human error can lead to dangerous situations. The best example is Twitter Bitcoin Incident, which happened in July [12]. In this, the hackers gained access to Twitter’s system by using the phishing method on its employee. So, the best method to prevent ourselves from cyber-attacks is to follow cyber hygiene. The following are some of the methods to try, · Don’t use the same password for all the accounts. Use a minimum of 8-character passwords. · Do Download software/apps from official sources such as Playstore, etc… · Update your devices/software often. · Don’t open email/SMS links and/or attachments received from unknown people/sources. · Always keep two backups, one is in an external storage device, another one is in the cloud. · Don’t share sensitive information such as passwords, bank details to anyone else. · Don’t connect to open WIFI, and if connected try to use the device with a VPN. · Use multi-factor authentication. Conclusion In this digital era, the internet became essentials in all areas ranging from transportation to satellite connectivity. As the internet grows the threat also grows tremendously, and as more and more devices getting connected to the internet, the more and more it’s getting complicated to catch the criminals. While the prevention controls are getting smarter, the hacker also coming up with new technologies to counter it. So, cybersecurity is everyone’s responsibility. References



© 2020, All rights reserved.