Tuesday, June 23, 2020

As the world gets embroiled in a state of confusion, panic and fear amid the ongoing COVID-19 outbreak, it is also battling another common enemy – cybercriminals.

Since the start of this year, a spate of cybersecurity attacks has been recorded all over the world, including Singapore.

Fake emails have been designed to impersonate those of the US Centers for Disease Control and Prevention (CDC) that made recipients click on a link containing information on the coronavirus. This directed them to a fake website which looked like a Microsoft Outlook login page – victims had been prompted to log in with their usernames and passwords. Another email requested recipients to donate bitcoins to the CDC to find a cure to COVID-19, unbeknownst that the agency did not accept virtual currencies.

The World Health Organisation (WHO) also had to deal with a flood of cyberattacks, which targeted its staff and public. These included coronavirus-related phishing emails that lured recipients into clicking a malicious link and downloading malware onto their devices. About 450 active WHO emails had also been leaked in April.

Zoom, which quickly became the world’s chosen telecommuting tool for remote working, had to address a series of security and data privacy issues since March. Among these include ‘Zoombombings’ on users’ servers worldwide that penetrated networks to display racist and pornography imagery on screens. Singaporeans were not spared from these security breaches as well – in early May, attackers disrupted home-based learning classes with obscene images, forcing the Ministry of Education to suspend the use of the platform.

Also in Singapore, several residents received fake COVID-19 emails purportedly sent by Prime Minister Lee Hsien Loong requesting for contributions and public thoughts as the country battles the spread of the virus.

These cybersecurity breaches during the COVID-19 outbreak, whether in Singapore or the rest of the world, teaches us a few things about the strength of our cyber defence systems, the malicious hackers as well as our personal cyber hygiene. We discuss them below.

1. Hackers benefit from disruptions

The COVID-19 outbreak is a global disruption. Healthcare systems have to address the surge in coronavirus patients and large corporations scramble to manage crises in trade, while offices try to make work from home a temporary reality. These offer pockets of vulnerability that hackers take advantage of since it is very easy to manipulate and extort from those who would rather pay a ransom to get their systems back running than devise a response strategy.

2. Work from home environments are not safe enough

Vulnerability of our cyber systems is the highest in remote working environments. When corporations provide employee access to work systems at home, employees open these systems using Wi-Fi networks that may not be as safe as those at the workplace. Further, emails and other web-based work portals may be logged into using the same network. Business deals, which were typically conducted face to face, are now being done online on unsafe servers. All these provide easy entry points for hackers to encroach the network and perform harmful activities, which include – but not limited to – theft of data, injection of malware and abuse.

Even in cases where VPN-secure laptops are provided, employees may make use of “shadow IT” – cloud apps utilised without the knowledge of the company – to overcome challenges they face with remote working. These apps may be logged into using their Office 365 credentials, which widens the home network’s attack surface, creating entry-points for attackers to access private information that the organisation’s IT team did not device security systems for nor is monitoring them.

3. Human factor remains the weakest link in information security chain

When the human is weak, the attacker emerges stronger. Every day, healthcare workers grapple with the increasing number of COVID-19 patients at hospitals, and remote workers try to balance between work and family at home. These occur below a cloud of anxiety and fear induced by the pandemic. What this means is that people are less inclined to pay attention to abnormalities in security systems as their minds are busy trying to get by each day.

On top of that, cyber attackers are quick to take advantage of pandemic-induced insecurities by sending out phishing emails with coronavirus-related information that appear to have been delivered by legitimate authorities like WHO.

4. Cybersecurity is still not taken seriously

On the note of the human factor, the reason why cybersecurity is not taken seriously is that we tend to think it will never happen to us – we go through cybersecurity trainings without much thought into how serious the issue really is. When we make use of a range of IT systems and applications to make daily life during the pandemic more manageable, we think about the benefits of these platforms without paying attention to privacy and security risks.

When we fail to think about these, we let hackers do their jobs with ease.

Global crises like the pandemic are unavoidable. We will continue to depend on cyber systems to combat such crises, which thus makes cybersecurity a critical component of our infrastructure in Singapore. We need to increase the demand for systems security research, experiments and application, as well as train and develop more cybersecurity practitioners in this field. Most importantly, we must educate the public on proper cyber hygiene and remind them that cybersecurity is not a matter to be taken lightly.

Let’s come together two fight these two enemies together. Help yourself and your loved ones through this pandemic safely and securely.