#microsoft | #microsoftsecurity | Defending Cyber Crimes during Covid-19


Introduction

Cybercrime can be described as a type of crime committed by criminals with the use of computers as a tool. The crime can be anything ranging from downloading movies illegally (Piracy), sending spam emails, or trying to gain access over other’s devices connected to the internet (hacking). Since the internet has no geographical limitations, and boundaries it makes it hard to catch the criminals who committed cybercrimes. Cybercrime has the potentials to impact business, and as well as personal. According to cybersecurity ventures’ annual cybercrime report [1], it is estimated that cybercrime damages 6 Trillion USD by 2021. This estimation can show how serious is cybercrime in a business context. Also, a case study [2] conducted by Ponemon Institute LLC and jointly developed by Accenture points out that the average cost of cybercrime in an organization costs 13 Million USD in 2019, which is 1.4 Million USD higher than previous years.

During Covid-19

Covid-19, a Pandemic that turned the world upside down. So far, the world has seen several pandemics before, but Covid-19 is different. Because it bought a threat not only to the physical world but also to the Virtual world (CyberSpace). Day by day the number of cyber attacks increasing dramatically. On 4th August 2020, Interpol released the report [3] which shows the magnificent rate of cyberattacks during this pandemic period. Also, at the moment the attacks are rapidly moving towards small businesses and corporations, governments, and critical infrastructure than to individual targets. When focusing particularly on Southeast Asia, the major threats are Covid-19 related scams, especially Phishing campaigns that mainly themed on Government Covid-19 relief funds. Also, as per IBM’s report [4], between March, and May 2020 there is more 6000 percentage of increases in COVID-19 themed attacks which mainly focuses on Malware sales in the Dark Web. Microsoft security endpoint report [5] reveals that most of the compromises that happened in this pandemic are the results of the attacks that existed earlier. The interesting point to notice here is several malware groups are using the persistence method. During the Covid-19 attacks, the most targeted fields are the critical infrastructure, these include Government organizations, health care, and educational sectors. When getting deep inside the technical part, most of the phishing attacks consists of the URL of advanced malware, so if a single user clicks the URL it can lead to the compromisation of the entire network. With this methodology, the attacker can easily gain access to the network and plant the backdoors which provide persistent access.

When particularly focus on India, the state Kerala records a high quantity of cybercrimes during the lockdown period [6]. The motivation behind these attacks is to compromise the device and acquire banking details. One more interesting cybercrime happened is infected mobile applications such as CoronaSafetyMask [7] that scam the people by announcing they will provide the mask, then collected the money, then installed the trojans like Ginp, Anubis, and Cerberus on the devices.

In India, the most specific cyber attack is using Phishing. State Bank of India (SBI) warned its users to stay alert on the phishing attempts. According to SBIs Twitter post [8], they warned the users not to open the emails from ncov2019@gov.in with a subject line Free COVID-19 Testing.

State-sponsored attacks

In general, state-sponsored cyber-attacks are a type of cyber-attacks that involves the support of a particular country. In the Covid-19 situation, the two countries faced this state-sponsored cyber-attacks. First Australia, and second India. In mid-June 2020, the Australian Prime Minister revealed that [9], Australia is being targeted by state-sponsored cyberattacks, where the attack techniques are very sophisticated. The prime minister did not mention any specific country name that was involved in it. The main target domains are banking, power plants, private organizations, and multiple public services, and agencies. At the end of June 2020, Maharashtra police officials revealed that [10], China-based hackers tried over 40,000 cyber-attacks on India within 5 days. The most targeted domains are banking and information technology. The email address mentioned in the SBI’s twitter post was found in this hacking attempt. After founding it, the Government warned people about this.

Prevention

As a part of preventions, the Government is doing what they can. In June 2020, the Indian government warns against Covid-19 themes phishing attacks. Also, in July 2020, India, and Israel signed a cybersecurity agreement in-order to protect against COVID-19 cybercrimes [11]. This action is appreciable. With this agreement both the countries will share the information, and best practices through their CERTs (Computer Emergency Response Teams), this approach will strengthen the cyberspace of both the countries.

When we look into the cybersecurity chain, the human is the most vulnerable target, no matter how secure the system is, a single human error can lead to dangerous situations. The best example is Twitter Bitcoin Incident, which happened in July [12]. In this, the hackers gained access to Twitter’s system by using the phishing method on its employee. So, the best method to prevent ourselves from cyber-attacks is to follow cyber hygiene. The following are some of the methods to try,

·    Don’t use the same password for all the accounts. Use a minimum of 8-character passwords.

·       Do Download software/apps from official sources such as Playstore, etc…

·      Update your devices/software often.

·      Don’t open email/SMS links and/or attachments received from unknown people/sources.

·     Always keep two backups, one is in an external storage device, another one is in the cloud.

·      Don’t share sensitive information such as passwords, bank details to anyone else.

·      Don’t connect to open WIFI, and if connected try to use the device with a VPN.

·      Use multi-factor authentication.

Conclusion

In this digital era, the internet became essentials in all areas ranging from transportation to satellite connectivity. As the internet grows the threat also grows tremendously, and as more and more devices getting connected to the internet, the more and more it’s getting complicated to catch the criminals. While the prevention controls are getting smarter, the hacker also coming up with new technologies to counter it. So, cybersecurity is everyone’s responsibility.

References

1.     https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/

2.     https://www.accenture.com/_acnmedia/pdf-96/accenture-2019-cost-of-cybercrime-study-final.pdf

3.     https://www.interpol.int/en/content/download/15526/file/COVID-19%20Cybercrime%20Analysis%20Report-%20August%202020.pdf

4.     https://www.ibm.com/downloads/cas/Y5QGA7VZ

5.     https://news.microsoft.com/en-in/microsoft-security-endpoint-threat-report-2019-india/

6.     https://economictimes.indiatimes.com/tech/internet/kerala-records-highest-number-of-cybercrimes-during-lockdown/articleshow/75865802.cms

7.     https://www.zscaler.com/blogs/research/new-android-app-offers-coronavirus-safety-mask-delivers-sms-trojan

8.     https://twitter.com/TheOfficialSBI/status/1274692359469428737

9.     https://www.theguardian.com/australia-news/2020/jun/19/australia-cyber-attack-attacks-hack-state-based-actor-says-australian-prime-minister-scott-morrison

10.  https://www.ndtv.com/india-news/rise-in-cyber-attacks-from-china-over-40-000-cases-in-5-days-official-2251111

11.  https://portswigger.net/daily-swig/israel-and-india-sign-cybersecurity-agreement-to-protect-against-covid-19-cyber-attacks

12.  https://www.theverge.com/2020/7/30/21348974/twitter-spear-phishing-attack-bitcoin-scam

 

AUTHOR

VISHAL SAMSON DAVID SELVAM,

EDITH COWAN UNIVERSITY, AUSTRALIA – PSB ACADEMY, SINGAPORE

Contributor

Do you like Kimee Minj’s articles? Follow on social!





Source link

______________________________________________________________________________________________

Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Leave a Reply