Computer ScienceCovid-19Other

COVID-19’s Impact on Cybersecurity

I have heard it so often: “Change is constant” and have thought to myself, Sure, that sounds relatively true. Unfortunately, in these uncertain times, people have experienced some of the most profound changes across the world, and the impact will be felt for many years to come.

Change is to be expected in our daily lives. But, when that change impacts the world in a negative way, we are forced to make decisions with a different mindset. COVID-19 has turned everything upside down: our social environment, business, governments, academia, healthcare, and so much more. The term society was no longer social, and the repercussions took a toll on everyone. This new idea of social distancing prompted us to define “a new norm” for society.

We, as a society, needed to communicate and be social regardless of any risks. With the world’s focus on the COVID-19 health crisis, the area of Cybersecurity did not seem that important or a priority when it came to making day-to-day decisions. Within days of the health crisis being announced, cybercriminals were looking for new opportunities to earn their income; in conjunction with this it is projected that cybercrime costs will hit $6 trillion annually by 2021 [1]. In the initial stages of the pandemic, geographically targeted Phishing and misinformation campaigns escalated, crafted to look as they came from the World Health Organization. These attacks prey on the individuals who take such emails at face value and not question the legitimacy of the email.

Every single person worldwide had to make adjustments with regards to the government, social interactions, business practices, healthcare procedures, academic resilience, physical interactions, and environmental impacts. The general public was confused with what was happening and what to do, resulting in the classic fight or flight mindset [2].

During the first few months of lockdown, anything on the internet was thought to be accurate, especially at a time of uncertainty due to the impact of COVID-19. Cybercriminals exploited this to get people to buy fictitious supplies, acquire personal and business information, spread false information, instill breach of trust, and spread chaos. The most common techniques like Phishing became more prevalent as the general population was willing to click any email and any link that had to do with COVID-19 [3]. With many people using the internet from home, cybercriminals knew that most of the home-based networks were not adequately protected against cyber threats. Any application was an open game, even if it had to do with saving lives through contact tracing needed for COVID-19 cases. Geo-Tagging, combined with Case Management tools, allows for mobile devices to capture a plethora of data to include a person’s location and products installed on their mobile devices [4]. Without adequate security people could experience privacy breaches and significant financial losses [5].

Similar issues were present when the worldwide population turned to free software (such as Zoom) to connect with family and colleagues. As the pandemic spread, the need to connect with loved ones increased. Products designed to enable remote conferencing, particularly Zoom, took center stage because they were free and easy to use.

The video conferencing software had approximately 10 million users before COVID-19, but that jumped to 300 million daily meeting participants by April 2020 [6]. With products such as Zoom, there are integrated third-party advertisers harvesting user personal information and other data [7].

The product easily integrates with Google and Adware products to maximize profits through potential advertising business. These software types have access to everything it can see through the end-user, including any files used for sharing, from a one-on-one patient session with doctors to a business meeting or recordings of intimate social meetings [8]. The downside is that no one knows until these issues are exposed, and the company has to take immediate steps or risk public outcry or litigation actions.

COVID-19 remains a world-wide crisis and continues to change our lifestyle [9]. During this unexpected situation, people have had to adjust their everyday lives to minimize the risk of getting infected with the virus. Similarly, individuals need to know and practice basic cyber-hygiene to minimize the risks of getting compromised in the digital world.

Prevention is known to be the best medicine, and minimizing exposure to cybercriminals needs to be thought of the same way. Learning best practices on video conferencing regardless of a product will help the general public make well informed cyber-hygiene decisions [10]. The passion found in people wanting to learn about COVID-19 to prevent getting an infection should also include learning about the pitfalls of poor Cybersecurity to help against privacy or identity theft [11].

Change over time is expected, and given the COVID-19 pandemic, we need to be aggressively adjusting to changing cybersecurity threats. For example, one can install and update virus protection software, regularly change passwords, avoid suspicious calls and emails, and back up their data. Just like how washing our hands frequently and not touching our face is a proven best practice against contracting an illness, following industry and government guidelines on good cyber hygiene can save our digital life and others we touch [12].

References

Lynkova, Darina. 2019. 29 Cybercrime Statistics You Might Have Missed in 2020:  https://leftronic.com/cybercrime-statistics/

Meuret, Stephen Chamberlain & Alicia E. 2020. Fight-or-Flight Response: https://sk.sagepub.com/reference/the-sage-encyclopedia-of-abnormal-and-clinical-psychology/i18709.xml

Guirakhoo, Alex. 2020. How Cybercriminals Are Taking Advantage Of COVID-19: Scams, Fraud, And Misinformation: https://www.digitalshadows.com/blog-and-research/how-cybercriminals-are-taking-advantage-of-covid-19-scams-fraud-misinformation/

Duke, Professor Mark. 2020. National Defense University. Rockville: National Defense University College of Information and Cyberspace (CIC).

Carbone, Christopher. 2020. COVID-19 apps pose privacy risks to users worldwide, investigation finds: https://www.foxnews.com/tech/covid-19-apps-privacy-risks-worldwide-investigation.

Duke, Professor Mark. 2020. National Defense University. Rockville: National Defense University College of Information and Cyberspace (CIC).

UNCTAD. 2020. Cybercrime Legislation Worldwide: https://unctad.org/en/Pages/DTL/STI_and_ICTs/ICT4D-Legislation/eCom-Cybercrime-Laws.aspx

Security, Department of Homeland. 2020. TIPS FOR VIDEO CONFERENCING: https://www.cisa.gov/sites/default/files/publications/CISA_Video_Conferencing_Tips_S508C.pdf

Investigation, Federal Bureau of. 2020. Cyber Crime: https://www.fbi.gov/investigate/cyber

Team, Mayer Brown COVID-19 Response. 2020. Managing Cybersecurity and Privacy Risks Through COVID-19: https://www.covid19.law/2020/03/managing-cybersecurity-and-privacy-risks-through-covid-19/

Biography

Amber Briscoe is a senior at Northwest High School in Germantown, Maryland. Science is one of her passions alongside art. Amber is the president of her school’s X-STEM club, where she teaches STEM concepts to middle school students. She is also the founder of the Arts-n-STEM4Hearts Foundation, an organization that serves to promote healing through the arts and advocates for STEM awareness.

Leave a Reply

Your email address will not be published. Required fields are marked *