COVID-19 has caused many changes to the policy priorities of governments around the world. Countries are now focused on the fight against the pandemic and economic recovery measures to cope with its consequences. Inevitably, less attention is allocated to other domestic and international issues, as they are not considered as urgent as the immediate challenges posed by COVID-19. Meanwhile, the average time people spend on the Internet has increased, partly due to the use of video conferencing tools to work, study, and socialize from home. Sounds like the perfect situation for cybercriminals.
Indeed, cybercriminals know that cyber defences have weakened due to the shift of focus to the health crisis and are taking advantage of the situation. The Interpol, FBI, and other federal and international agencies have noted that cyber-attacks have intensified
substantially since the outbreak of COVID-19. The Cyber Security Agency of Singapore
(CSA) also acknowledged that there were more than 1,500 malicious phishing URLs
targeting Singapore during the “circuit breaker” period from March to May of 2020, which
was more than double compared to the previous three months.
One of the well-known cases of cybercrime involves the popular video conferencing
platform, Zoom. In the past few months, reports of uninvited participants crashing Zoom meetings have increased around the globe. Even here in Singapore, a hacker hijacked the
Video call of a geography lesson for a secondary one class and showed obscene pictures to
the students. Since then, the Singapore Ministry of Education has banned the use of Zoom for home-based learning.
Obviously, cyber-attacks are not limited to the so-called “Zoombombing.” According
to Interpol, the types of cyber-attacks vary, and many are in relation to COVID-19. First,
cybercriminals are using COVID-19 themed phishing emails, often impersonating
government and health authorities to lure people into providing their personal information
and downloading malicious data. Second, cybercriminals are using disruptive malware
against critical infrastructure and healthcare institutions to seek financial gains. For example,
Brno University Hospital in the Czech Republic was under a cyber-attack in March 2020 and had to reschedule operations and delay COVID-19 test results. The University of California’s
a laboratory in San Francisco also suffered a ransomware attack. The hackers froze its systems which contained data related to a cure for COVID-19 and demanded payment, and the laboratory ended up paying a ransom of 116.4 bitcoins ($1.14m). Third, cybercriminals are creating thousands of malicious domains which contain the terms “coronavirus”, “covid19” and “covid-19” to carry out spam campaigns, phishing, or to spread malware. Fourth, malware, spyware and Trojans have been found embedded in interactive coronavirus maps and websites to compromise networks, steal data and divert money.
Interpol advises several methods to avoid becoming a victim of cyber-attacks.
First, keep information safe by backing up all important files and storing them
independently in the cloud or at an external drive. Second, always check personalsoftware and systems. Have the latest anti-virus software installed on the computer and mobile devices, secure email gateways to thwart threats via spam, and download mobile applications or any other software from trusted platforms only. Finally, always be vigilant, regularly checking and updating privacy settings in social media accounts and updating our passwords.
There are things to keep in mind when it comes to using Zoom. Don’t make meetings public, but require guests to enter a password. Try not to publicly share links to teleconferences and instead provide links directly to specific people. Finally, it is advisable to change screen-sharing to “Host Only” so that unwanted pictures cannot be shared.
Comments